Extjs
只是跨域extjs并不需要特别的设置,但是默认并不支持cookie会话
app.js顶部加入
Ext
.
Ajax
.
setWithCredentials
(
true
);
这项只能解决通过Ext.Ajax发起请求时发送Cookie的问题,proxy还要单独处理
要让proxy ajax默认发送cookie需要overrides
Ext.data.proxy.
Ajax,在overrides\data\proxy目录中创建Ajax.js,内容为
Ext
.
define
(
'overrides.data.proxy.Ajax'
, {
override
:
'Ext.data.proxy.Ajax'
,
config
:
{
/**
* @cfg {Boolean} withCredentials
* This configuration is sometimes necessary when using cross-origin resource sharing.
* @accessor
*/
withCredentials
: true
}
});
YII
index.php或controller中加入以下语句
if
(
isset
(
$_SERVER
[
'HTTP_ORIGIN'
]))
{
//$_SERVER['HTTP_X_REQUESTED_WITH']="XMLHttpRequest";
header
(
"Access-Control-Allow-Origin:
{
$_SERVER
[
'HTTP_ORIGIN'
]}
"
);
header
(
"Access-Control-Allow-Credentials: true"
);
}
if
(
$_SERVER
[
'REQUEST_METHOD'
]
==
'OPTIONS'
)
{
if
(
isset
(
$_SERVER
[
'HTTP_ACCESS_CONTROL_REQUEST_METHOD'
]))
header
(
"Access-Control-Allow-Methods:
{
$_SERVER
[
'HTTP_ACCESS_CONTROL_REQUEST_METHOD'
]}
"
);
if
(
isset
(
$_SERVER
[
'HTTP_ACCESS_CONTROL_REQUEST_HEADERS'
]))
header
(
"Access-Control-Allow-Headers:
{
$_SERVER
[
'HTTP_ACCESS_CONTROL_REQUEST_HEADERS'
]}
"
);
header
(
'Access-Control-Max-Age: 86400'
);
//header("Access-Control-Allow-Methods: GET, POST, OPTIONS");
//header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Connection, User-Agent, Cookie, Authorization');
//header('Access-Control-Expose-Headers','Set-Cookie');
webapp
()
->
end
();
return
;
}