extjs和yii跨域问题解决

Extjs

只是跨域extjs并不需要特别的设置，但是默认并不支持cookie会话

app.js顶部加入

Ext.Ajax.setWithCredentials(true);

这项只能解决通过Ext.Ajax发起请求时发送Cookie的问题，proxy还要单独处理

要让proxy ajax默认发送cookie需要overrides Ext.data.proxy.Ajax,在overrides\data\proxy目录中创建Ajax.js，内容为

Ext.define('overrides.data.proxy.Ajax', {

override:'Ext.data.proxy.Ajax',

config: {

/**

* @cfg {Boolean} withCredentials

* This configuration is sometimes necessary when using cross-origin resource sharing.

* @accessor

*/

withCredentials: true

}

});

YII

index.php或controller中加入以下语句

if(isset($_SERVER['HTTP_ORIGIN']))

{

//$_SERVER['HTTP_X_REQUESTED_WITH']="XMLHttpRequest";

header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");

header("Access-Control-Allow-Credentials: true");

}

if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS')

{

if(isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))

header("Access-Control-Allow-Methods: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']}");

if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))

header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");

header('Access-Control-Max-Age: 86400');

//header("Access-Control-Allow-Methods: GET, POST, OPTIONS");

//header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Connection, User-Agent, Cookie, Authorization');

//header('Access-Control-Expose-Headers','Set-Cookie');

webapp()->end();

return;

}