后台如何解决跨域问题

header('X-Frame-Options: deny');

//获取当前的服务器的域名
$origin = isset($_SERVER['HTTP_ORIGIN']) ? $_SERVER['HTTP_ORIGIN'] : '';
$allow_origin = array(
    'http://www.huwaihui.net',
    'http://appline.huwaihui.net',
    'http://shop.huwaihui.net',
);

//如果在这几个里就放行
if (in_array($origin, $allow_origin)) {
    header('Access-Control-Allow-Origin:' . $origin);
    header('Access-Control-Allow-Methods:POST, GET');
    header('Access-Control-Allow-Headers:x-requested-with,content-type');
}
//ok
header("Access-Control-Allow-Credentials: true");