// 方法1:配置文件中
return [
...
'components' => [
...
'response' => [
'on beforeSend' => function($event) {
$event->sender->headers->add('X-Frame-Options', 'DENY');
},
],
...
],
];
// 方法2:控制器方法中
return Yii::createObject([
'class' => 'yiiwebResponse',
'format' => yiiwebResponse::FORMAT_JSON,
'on beforeSend' => function ($event) {
$event->sender->headers->add('Access-Control-Allow-Origin', '*');
},
'data' => [
'msg' => 'hello world',
'code' => 100,
'aa' => 'bb'
],
]);
// 方法3:afterAction中. index和edit方法允许跨域
public function afterAction($action, $result)
{
if (in_array($action->id, ['index','edit'])) {
$headers = $result->getHeaders();
$headers->set('Access-Control-Allow-Origin', '*');
}
return $result;
}