Simply I'm making an app using Codeigniter as PHP framework and I'm using API for rendering the view on cross site with ajax request. Now my problem is I have hosted all my files in one site say homnath.com.np and provided the API key to different websites by storing their webURL into database, say abc.com, xyz.com and many others. Now when xyz.com hits in my site homnath.com by ajax, how could I know the webURL that is hitting on my site homnath.com by API key, and how to allow for it for CORS if it is a valid and listed website. Moreover I have used header("Access-Control-Allow-Origin: *"); to allow for all webURLS and now I want to filter them and provide access to only those which are listed on my database. How can I do it in controller of codeigniter. I want to block for rest of the sites.
1条回答 默认 最新
python小菜 2016-01-08 08:14关注for this you can check for the URL as
$incomingOrigin = $webURL; $hotdat = array(); foreach ($hotelURL as $releted){ //$hotelURL is an array from your database $addURL = $releted->url; // $releted->url the db field name for url array_push($hotdat, $addURL); } if ($incomingOrigin !== null && isOriginAllowed($incomingOrigin, $hotdat)== TRUE) { header("Access-Control-Allow-Origin: $incomingOrigin"); }else{ echo ("CSRF protection in POST request: detected invalid Origin header: " . $incomingOrigin); header("Access-Control-Allow-Origin: http://bookingpoints.com"); }解决 无用评论 打赏举报
分享
- 2019-02-19 09:21回答 1 已采纳 Turns out it was due to php not allowing me to use the class name "Log" renamed everything called
- 2017-02-09 09:44回答 2 已采纳 You are missing CORS settings on your PHP headers, try adding following: header('Access-Control-A
- 2017-11-23 15:11回答 1 已采纳 Your client-side JavaScript is attempting to set an Access-Control-Allow-Origin header on the requ
- 2022-12-24 23:08并非的博客 CORS(跨域资源共享)错误是浏览器在尝试加载来自不同源的资源时会抛出的错误。 解决 CORS 错误的方法有以下几种: 在服务器端设置响应头: 如果你控制着服务器端,你可以在服务器端设置响应头来允许跨域访问。 在 ...
- 2023-01-20 07:54回答 1 已采纳 跨域是浏览器的同源策略限制,同源策略(Sameoriginpolicy)是一种约定,它是浏览器最核心也最基本的安全功能。是javascript脚本和另外一个域的内容进行交互。所谓同源(即指在同一个域)
- 2017-02-08 20:23回答 1 已采纳 Looking at the last line of your error I guess you are missing the content-type header in your ser
- 2023-03-14 20:00回答 2 已采纳 接口的ip端口应该是http://127.0.0.1:8080或者不加ip端口/开头;梳理下逻辑,你这有两个web服务8080和8899,8080浏览器访问8899是会跨域,在配置了devServic
- 2020-08-27 20:52React 中的 CORS 跨域请求实现方法 React 是一个流行的前端框架, Fetch 是一个内置的 JavaScript 函数,用于发送网络请求。然而,在使用 Fetch 时,经常会遇到跨域问题,即无法从不同域名下的服务器获取数据。这篇...
- 2018-12-03 17:41回答 1 已采纳 Finally, I was the only one faulty on this "issue". The routing defined in dispatch.yaml was set i
- 2018-07-09 06:41回答 1 已采纳 Ok problem solved. After more experimentation I found that the correct location for the access con
- 2018-08-20 15:48回答 3 已采纳 From everything I read here, including your comments it seems your "production" server is behind a
- 2021-04-13 00:30江子星的博客 介绍通过代码演示 前端与PHP下的 CORS 相关使用和设置。目录结构:run.sh 运行 server(直接使用 php -S 启动)client/index.php 客户端 页面server/index.php 服务端 接口运行linux 环境 + PHP7.x(windows 环境可以...
- 2019-07-28 21:29回答 1 已采纳 Problem fixed. The actual problem was from the post request. It did not send the credentials with
- 2024-01-18 15:03kxsvq的博客 其他思路:网上搜很多文章直接是在 Controller 的 behaviors 中加入下面代码,但是我发现并不生效,直接在入口文件 index.php 加入下面代码就可以解决。但是我发现如果不在入口文件 index.php 加入。使用的环境是vue...
- 2021-06-18 06:29一个简单的 PHP 代理,可以解决前端和后端服务器之间的 CORS 限制。 概述 请求周期如下 浏览器向前端服务器上的“/$PROXYNAME/xx”发出请求 代理脚本获取 "/$PROXYNAME/" 之后的所有内容并将其附加到 $CMS_SERVER...
- 没有解决我的问题, 去提问
悬赏问题
- ¥15 Stata链式中介效应代码修改
- ¥15 latex投稿显示click download
- ¥15 请问读取环境变量文件失败是什么原因?
- ¥15 在若依框架下实现人脸识别
- ¥15 添加组件无法加载页面,某块加载卡住
- ¥15 网络科学导论,网络控制
- ¥15 利用Sentinel-2和Landsat8做一个水库的长时序NDVI的对比,为什么Snetinel-2计算的结果最小值特别小,而Lansat8就很平均
- ¥15 metadata提取的PDF元数据,如何转换为一个Excel
- ¥15 关于arduino编程toCharArray()函数的使用
- ¥100 vc++混合CEF采用CLR方式编译报错