离子 - 访问控制允许来源

Question

我目前正在使用 Ionic 开发一个移动应用程序，尽管我的登录系统被阻止了.. 目的是发送用户通过 POST 输入的信息，然后我网站的“API”会检查所有信息并扭转结果

但我有以下错误：

  XMLHttpRequest cannot load http://myfinance.byethost11.com/MyFinanceAPI/index.php. Origin http://localhost:8100 is not allowed by Access-Control-Allow-Origin.

然而我尝试过跨域搜索信息但无法运行...我认为它来自我的服务器配置或那里的api ..但是如果您有解决方案我不知道该怎么办？

我的离子控制器：

controller('LoginCtrl', function($scope, $http, $log,$state){
  $scope.user = {};
  $scope.login = function() {
    var request = {
      method: "post",
      url: "http://myfinance.byethost11.com/MyFinanceAPI/index.php",
      data: {
      user: $scope.user.username,
      password: $scope.user.password
    },
     headers: { 'Content-Type': 'application/x-www-form-urlencoded' }
    };
    $http(request).then(function (response){
      if (response.data == '1'){
        alert('Bienvenue !');
        $state.go('home');
      }
      else {
        alert('Connexion impossible');
      }
    })
  }
})

我的 API：

<?php
header("Access-Control-Allow-Origin: *");
$postdata = file_get_contents("php://input");
$request = json_decode($postdata);
$user = $request->user;
$password = $request->password;

if($user == 'test'){
  echo '1';
}else{
  echo '0';
}

提前致谢:)

Answer 1

试一试，如果有效，请告诉我。

 if (isset($_SERVER['HTTP_ORIGIN'])) {
    header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
    header('Access-Control-Allow-Credentials: true');
    header('Access-Control-Max-Age: 86400'); 
}

// Access-Control headers are received during OPTIONS requests
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {

    if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
        header("Access-Control-Allow-Methods: GET, POST, OPTIONS");         

    if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
        header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");

    exit(0);
}

echo "You have CORS!";