What if the server has to set the domain name across domains after the client in the hybrid app is allowed to send cookies?

client code:

let xhr = new XMLHttpRequest();
xhr.open("POST", url, true);
xhr.withCredentials = true; // send cookies with the cross-origin request
xhr.send(null);

server:

header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Credentials: true");

client error:

Access to XMLHttpRequest at "http://t.com/index.php" from origin "null" has been blocked by CORS policy: The value of the "Access-Control-Allow-Origin" header in the response must not be the wildcard "*" when the request's credentials mode is "include". The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.

The request header also becomes a request header without complete information:

[screenshot: clipboard.png]

Excuse me, under the mixed app development mode, how can the client be allowed to carry cookies?

Oct.20,2021

header('Access-Control-Allow-Origin: *');

This statement cannot return *. It should be a specific domain name, such as:

header('Access-Control-Allow-Origin: http://t.com');
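
An added example (not code from the question or the answer above), in JavaScript, modelling both sides of this exchange: a server policy that echoes the request's Origin only when it is on an allow-list, and the browser-side check that produced the error in the question. The allow-list entry, the function names and the sample origins are assumptions made for illustration.

```javascript
// Added example: server-side CORS policy plus the browser's credentialed check.
// All names and sample origins here are hypothetical.

// Constructed allow-list; replace with the origins the app's pages really load from.
const ALLOWED_ORIGINS = new Set(["https://app.example.com"]);

// Server side: choose the CORS response headers for a given Origin request header.
function buildCorsHeaders(requestOrigin, allowed = ALLOWED_ORIGINS) {
  const headers = { Vary: "Origin" }; // caches must key on Origin when it is echoed
  // Echo only exact allow-list matches. "null" (file:// pages, sandboxed frames)
  // is shared by every such page, so it is refused unless listed on purpose.
  if (typeof requestOrigin === "string" && allowed.has(requestOrigin)) {
    headers["Access-Control-Allow-Origin"] = requestOrigin;
    headers["Access-Control-Allow-Credentials"] = "true";
  }
  return headers;
}

// Browser side: the CORS check from the Fetch standard, reduced to these two headers.
function browserAllows(requestOrigin, responseHeaders, withCredentials) {
  const acao = responseHeaders["Access-Control-Allow-Origin"];
  if (acao === undefined) return false;
  if (!withCredentials) return acao === "*" || acao === requestOrigin;
  // Credentialed request: the wildcard is never accepted, the value must equal
  // the request's Origin exactly, and Allow-Credentials must be the string "true".
  if (acao !== requestOrigin) return false;
  return responseHeaders["Access-Control-Allow-Credentials"] === "true";
}

// The server configuration from the question: wildcard together with credentials.
const WILDCARD_CONFIG = {
  "Access-Control-Allow-Origin": "*",
  "Access-Control-Allow-Credentials": "true",
};

// Walk through the cases: [label, does the browser expose the response?]
function demo() {
  const app = "https://app.example.com";
  return [
    ["wildcard, withCredentials=true", browserAllows("null", WILDCARD_CONFIG, true)],
    ["wildcard, withCredentials=false", browserAllows("null", WILDCARD_CONFIG, false)],
    ["allow-listed origin echoed", browserAllows(app, buildCorsHeaders(app), true)],
    ["unlisted origin", browserAllows("https://other.example", buildCorsHeaders("https://other.example"), true)],
    ["Origin: null, not listed", browserAllows("null", buildCorsHeaders("null"), true)],
  ];
}
```

The header value is compared with the Origin the browser actually sent, so a page that reports origin "null" only passes if the server returns the literal value null, which would admit every other null-origin page as well.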