CORS实践

 $.ajax("http://yafbox.18touch.com/", {  
			  type: "POST",
			  data:	{id:id,v:v},	
			  //headers:	{"Liu":"M1"},	
			  dataType:"json",
			  xhrFields: {  
				withCredentials: true 
			  },  
			  crossDomain: true,  
			  success: function(data, status, xhr) {  
				console.log(data);
				console.log(status);
				console.log(xhr);
				console.log(xhr.getAllResponseHeaders());
				console.log(xhr.getResponseHeader("liu"));
			  }  
			}); 

 跨域必须有crossDomain: true,带cookie需要xhrFields: { withCredentials: true }

headers:	{"Liu":"MENG1"},	测试不成功，解析不了

console.log(xhr.getAllResponseHeaders());
console.log(xhr.getResponseHeader("liu"));
不跨域可以获取，但是跨域只能获取content-type头

服务端：

header("Access-Control-Allow-Origin: http://mh.18touch.com");
		//header("Access-Control-Allow-Origin: *");
　　　　　　　　　　header("Access-Control-Allow-Methods: GET,POST,PUT");
		header("Access-Control-Allow-Credentials: true");
		header("Access-Control-Allow-Headers","Content-Type,liu");
		header("Access-Control-Expose-Headers: true");
		header("liu: M"); 
		echo '{"id":'.$_POST['id'].',"v":'.$_POST['v'].',"ak":"'.$_COOKIE['ak'].',"}';
		setcookie ( "Testzy" ,  "liumengzy" ,  time ()+ 3600 ,  "/" ,  ".18touch.com" ,  1 );
		setcookie ( "Testbox" ,  "liumengzbox" ,  time ()+ 3600 ,  "/" ,  "yafbox.18touch.com" ,  1 );
		exit;

 设置header("Access-Control-Allow-Origin: *");jq的ajax请求跨预料域，但是post方法可以。。。

设置完整的域名都可以，跨域读写cookie都可行