nginx
set $cors_origin "";
set $cors_cred "";
if ( $http_origin ~* ^(http?:\/\/.*\.baidu\.cn$) ){
set $cors_origin $http_origin;
set $cors_cred true;
}
if ( $http_origin ~* ^(https?:\/\/.*\.baidu\.cn$) ){
set $cors_origin $http_origin;
set $cors_cred true;
}
add_header Access-Control-Allow-Origin $http_origin;
add_header Access-Control-Allow-Credentials $cors_cred;
# add_header Access-Control-Allow-Methods 'GET,POST';
add_header Access-Control-Allow-Headers "Origin,Authorization, X-Requested-With, Content-Type, Accept,token";apache
SetEnvIf Origin "http(s)?://(\S*\.)?(baidu\.cn)$" AccessControlAllowOrigin=$0
Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header set Access-Control-Allow-Credentials true
Header set Access-Control-Allow-Headers "Origin,Authorization, X-Requested-With, Content-Type, Accept,token"