Specify multiple access control subdomains

Question

Specify multiple access control subdomains

I am trying to allow access to every subdomain on my site in order to allow cross AJAX subdomains. Is there a way to specify all subdomains of a site like *.example.comor, alternatively, why the following does not work if I have multiple domains:

header('Access-Control-Allow-Origin: http://api.example.com http://www.example.com');

I read the following question, which seems similar, if not the same as this, except that I want to access the subdomains, and this applies to shared domains.

Access-Control-Allow-Origin Multiple domains of origin?

If the above question is the solution to this problem, then how can I get the source from the header. It seems that $ _SERVER ['HTTP_ORIGIN'] is a very unreliable and not even a cross browser. I need to see the source in any browser that may show an error when trying to send an AJAX call using javascript.

+5

javascript ajax php header cross-domain

Ben carey Mar 09 '12 at 8:46

source share

2 answers

Here is a good article about your question: http://hacks.mozilla.org/2009/07/cross-site-xmlhttprequest-with-cors/

, , : https://raw.github.com/cowboy/php-simple-proxy/master/ba-simple-proxy.php

Proxy , : http://www.example.com/ba-simple-proxy.php?url=https://api.example.com

-2

riyuk 09 . '12 8:57

Ben carey · Accepted Answer · 2012-03-16T13:12:17+0000

The solution to this problem is to use the $ _SERVER ['HTTP_ORIGIN'] variable to determine if the request came from an allowed domain. Then he installed the following:

header('Access-Control-Allow-Origin: '.$_SERVER['HTTP_ORIGIN']);

Specify multiple access control subdomains

More articles: