functionaddScriptTag(src){
varscript=document.createElement('script');
script.setAttribute("type","text/javascript");
script.src=src;
document.body.appendChild(script);
}
window.onload=function(){
addScriptTag('http://example.com/ip?callback=foo');
}
functionfoo(data){
console.log('response data: '+JSON.stringify(data));
};
foo({
"test":"testData"
});
<?php header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept');
//主要为跨域CORS配置的两大基本信息,Origin和headers
<Directory/>
AllowOverride none
Require alldenied
</Directory>
<Directory/>
Options FollowSymLinks
AllowOverride none
Orderdeny,allow
Allow fromall
</Directory>
app.all('*',function(req,res,next){
res.header("Access-Control-Allow-Origin","*");
res.header("Access-Control-Allow-Headers","X-Requested-With");
res.header("Access-Control-Allow-Methods","PUT,POST,GET,DELETE,OPTIONS");
res.header("X-Powered-By",' 3.2.1')
//这段仅仅为了方便返回json而已
res.header("Content-Type","application/json;");
if(req.method=='OPTIONS'){
//让options请求快速返回
res.sendStatus(200);
}else{
next();
}
});
<dependency>
<groupId>com.thetransactioncompany</groupId>
<artifactId>cors-filter</artifactId>
<version>[version]</version>
</dependency>
<!--跨域配置-->
<filter>
<!--The CORS filter withparameters-->
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
<!--Note:All parameters areoptions,ifomitted the CORS
Filter will fall backtothe respectivedefaultvalues.
-->
<init-param>
<param-name>cors.allowGenericHttpRequests</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.allowOrigin</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.allowSubdomains</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>cors.supportedMethods</param-name>
<param-value>GET,HEAD,POST,OPTIONS</param-value>
</init-param>
<init-param>
<param-name>cors.supportedHeaders</param-name>
<param-value>Accept,Origin,X-Requested-With,Content-Type,Last-Modified</param-value>
</init-param>
<init-param>
<param-name>cors.exposedHeaders</param-name>
<!--这里可以添加一些自己的暴露Headers -->
<param-value>X-Test-1,X-Test-2</param-value>
</init-param>
<init-param>
<param-name>cors.supportsCredentials</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.maxAge</param-name>
<param-value>3600</param-value>
</init-param>
</filter>
<filter-mapping>
<!--CORS Filtermapping-->
<filter-name>CORS</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
"Access-Control-Allow-Headers":"X-Requested-With,Content-Type,Accept,Origin"
Access-Control-Allow-Headers:X-Requested-With,Content-Type,Accept
Access-Control-Allow-Methods:Get,Post,Put,OPTIONS
Access-Control-Allow-Origin: *