Simply I'm making an app using Codeigniter as PHP framework and I'm using API for rendering the view on cross site with ajax request. Now my problem is I have hosted all my files in one site say homnath.com.np and provided the API key to different websites by storing their webURL into database, say abc.com, xyz.com and many others. Now when xyz.com hits in my site homnath.com by ajax, how could I know the webURL that is hitting on my site homnath.com by API key, and how to allow for it for CORS if it is a valid and listed website. Moreover I have used header("Access-Control-Allow-Origin: *"); to allow for all webURLS and now I want to filter them and provide access to only those which are listed on my database. How can I do it in controller of codeigniter. I want to block for rest of the sites.
1条回答 默认 最新
python小菜 2016-01-08 08:14关注for this you can check for the URL as
$incomingOrigin = $webURL; $hotdat = array(); foreach ($hotelURL as $releted){ //$hotelURL is an array from your database $addURL = $releted->url; // $releted->url the db field name for url array_push($hotdat, $addURL); } if ($incomingOrigin !== null && isOriginAllowed($incomingOrigin, $hotdat)== TRUE) { header("Access-Control-Allow-Origin: $incomingOrigin"); }else{ echo ("CSRF protection in POST request: detected invalid Origin header: " . $incomingOrigin); header("Access-Control-Allow-Origin: http://bookingpoints.com"); }解决 无用评论 打赏举报
分享
- 2019-02-19 09:21回答 1 已采纳 Turns out it was due to php not allowing me to use the class name "Log" renamed everything called
- 2017-02-09 09:44回答 2 已采纳 You are missing CORS settings on your PHP headers, try adding following: header('Access-Control-A
- 2017-11-23 15:11回答 1 已采纳 Your client-side JavaScript is attempting to set an Access-Control-Allow-Origin header on the requ
- 2024-08-07 16:14BeiXiu_的博客 后端配置 CORS 头,允许凭证,并确保 Access-Control-Allow-Origin 设置为具体的前端域名而不是 *。确保 Origin 匹配: 确保 Access-Control-Allow-Origin 的值与请求的 Origin 完全匹配,包括协议和端口。前端axios...
- 2023-01-20 07:54回答 1 已采纳 跨域是浏览器的同源策略限制,同源策略(Sameoriginpolicy)是一种约定,它是浏览器最核心也最基本的安全功能。是javascript脚本和另外一个域的内容进行交互。所谓同源(即指在同一个域)
- 2017-02-08 20:23回答 1 已采纳 Looking at the last line of your error I guess you are missing the content-type header in your ser
- 2023-03-14 20:00回答 2 已采纳 接口的ip端口应该是http://127.0.0.1:8080或者不加ip端口/开头;梳理下逻辑,你这有两个web服务8080和8899,8080浏览器访问8899是会跨域,在配置了devServic
- 2022-12-24 23:08并非的博客 CORS(跨域资源共享)错误是浏览器在尝试加载来自不同源的资源时会抛出的错误。 解决 CORS 错误的方法有以下几种: 在服务器端设置响应头: 如果你控制着服务器端,你可以在服务器端设置响应头来允许跨域访问。 在 ...
- 2018-12-03 17:41回答 1 已采纳 Finally, I was the only one faulty on this "issue". The routing defined in dispatch.yaml was set i
- 2018-07-09 06:41回答 1 已采纳 Ok problem solved. After more experimentation I found that the correct location for the access con
- 2021-11-23 15:09回答 1 已采纳 跨域问题
- 2020-08-27 20:52React 中的 CORS 跨域请求实现方法 React 是一个流行的前端框架, Fetch 是一个内置的 JavaScript 函数,用于发送网络请求。然而,在使用 Fetch 时,经常会遇到跨域问题,即无法从不同域名下的服务器获取数据。这篇...
- 2018-08-20 15:48回答 3 已采纳 From everything I read here, including your comments it seems your "production" server is behind a
- 2021-06-18 06:29一个简单的 PHP 代理,可以解决前端和后端服务器之间的 CORS 限制。 概述 请求周期如下 浏览器向前端服务器上的“/$PROXYNAME/xx”发出请求 代理脚本获取 "/$PROXYNAME/" 之后的所有内容并将其附加到 $CMS_SERVER...
- 2021-04-13 00:30江子星的博客 介绍通过代码演示 前端与PHP下的 CORS 相关使用和设置。目录结构:run.sh 运行 server(直接使用 php -S 启动)client/index.php 客户端 页面server/index.php 服务端 接口运行linux 环境 + PHP7.x(windows 环境可以...
- 没有解决我的问题, 去提问
悬赏问题
- ¥15 数据量少可以用MK趋势分析吗
- ¥15 使用VH6501干扰RTR位,CANoe上显示的错误帧不足32个就进入bus off快慢恢复,为什么?
- ¥15 大智慧怎么编写一个选股程序
- ¥100 python 调用 cgps 命令获取 实时位置信息
- ¥15 两台交换机分别是trunk接口和access接口为何无法通信,通信过程是如何?
- ¥15 C语言使用vscode编码错误
- ¥15 用KSV5转成本时,如何不生成那笔中间凭证
- ¥20 ensp怎么配置让PC1和PC2通讯上
- ¥50 有没有适合匹配类似图中的运动规律的图像处理算法
- ¥15 dnat基础问题,本机发出,别人返回的包,不能命中