转载自：https://www.xiaohuihui.net/posts/9172aa1d.html

Nginx 伪静态配置为：

location / {
  add_header Access-Control-Allow-Origin '*';
  add_header Access-Control-Allow-Methods 'POST,PUT,GET,DELETE';
  add_header Access-Control-Allow-Headers 'version, access-token, user-token, Accept, apiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, ATJ-Token,ATJ-Device-Type';

  if ($request_method = 'OPTIONS') {
    return 204;
  }
  if (!-e $request_filename){
    rewrite  ^(.*)$  /index.php?s=$1  last;   break;
  }
}

程序入口文件增加：

header("Access-Control-Allow-Origin:*");
header("Access-Control-Allow-Methods:GET, POST, OPTIONS, DELETE");
header("Access-Control-Allow-Headers:DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding,ATJ-Device-Type,ATJ-Token");

其中，Access-Control-Allow-Headers 里的值为 header 传递的自定义字段值

接口公共方法里增加

protected function initialize()
{
    header("Access-Control-Allow-Origin: *");
    header("Access-Control-Allow-Methods:POST,GET");
    header("Access-Control-Allow-Headers:ATJ-Device-Type,ATJ-Token");
    header("Content-type:text/json;charset=utf-8");
}