jQuery 跨域请求post

基于同源策略安全性跨域会有阻止。
服务端指定返回
header("Access-Control-Allow-Origin: 只能指定具体域名不能*");
    
header("Access-Control-Allow-Credentials: true");

跨域设置cookie开启P3P
header('P3P: CP=" CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR "');


下面适用于非IE,可以实现跨域

$.ajax({
		url:api_url + _url,
		data:_params,
		dataType:(_type ? "json" : "jsonp"),
		type:(_type ? "POST" : "GET"),
		crossDomain:true,
		xhrFields:{
			withCredentials:true
		},
		success:function(list){
			if(list.Result == true){				
				 if (_callback){
				 	var func = TM[_callback];
					if (typeof func == "function") {
						func(list.Data);
					}
				 }
			}else{
				if(list.Msg){
					alert(list.Msg);
				}else{
					alert("操作失败");
				}
			}
		},
		error:function(){
			alert("网络错误，请稍后重试");
		}
	});

 

http://www.nczonline.net/blog/2010/05/25/cross-domain-ajax-with-cross-origin-resource-sharing/

IE：针对IE8 IE9

function createCORSRequest(method, url){
    var xhr = new XMLHttpRequest();
    if ("withCredentials" in xhr){
        xhr.open(method, url, true);
    } else if (typeof XDomainRequest != "undefined"){
        xhr = new XDomainRequest();
        xhr.open(method, url);
    } else {
        xhr = null;
    }
    return xhr;
}

var request = createCORSRequest("get", "http://www.nczonline.net/");
if (request){
    request.onload = function(){
        //do something with request.responseText
    };
    request.send();
}

 

其他方法：

           

There is no way except to include the authentication cookie value / token in the query string e.g. : buy.api.example.com/?sessionId=$sessionId&otherparameters=test and set your webservice to check the query string if cookies are not present.