axios 设置
withCredentials :true
axios.defaults.headers.post['Content-Type'] = 'application/x-www-form-urlencoded'
如果 Content-Type是 application/x-www-form-urlencoded
需要用 qs.stringify
$u = $_SERVER['HTTP_REFERER'];
$u = preg_replace('#/$#', '', $u);
header("Access-Control-Allow-Origin: " . $u);//$_SERVER['HTTP_REFERER']
header("Access-Control-Allow-Credentials:true ");
header("Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE");
header('Access-Control-Allow-Headers: X-Requested-With,X_Requested_With,X-Custom-Header,Origin, Content-Type, Accept, Authorization');
后端设置Access-Control-Allow-Credentials:true后,要将Access-Control-Allow-Origin指定到具体的域,否则cookie不会带到客户端。