我有2域（域A，域B）。

I have 2 domains (domain A, domain B).

在域A放在ZF2应用程序，一切正常。

On domain A is placed ZF2 application, and everything is ok.

在域B放置目标网页（小网站表单收集数据）。

On domain B is placed Landing Page (small site with form to collect data).

从登录页面我要发送表单数据域A（AJAX请求）的应用程序。

From Landing Page I want send form data to application on domain A (AJAX Request).

在域A很遗憾ZF2应用程序没有接收数据，并没有显示出结果。 一切正常，当我把AJAX请求来自同一个域，其中ZF2程序是。

Unfortunatelly ZF2 app on domain A didn't receive data, and didn't show results. Everything is ok when I make AJAX Request from same domain where ZF2 app is.

我试着使用JSONP但没有成功。

I tried use JSONP but without success.

我没有任何其他线索，如何迫使这个工作。

I don't have any other clue how to force this to work.

推荐答案

由于Bodgan的回答说，这是一个浏览器的安全问题，而不是ZF2问题。一种流行的方式来解决它是改变访问控制 - 允许原产地您的域A的允许从域B的请求这和其他解决方案的讨论Mozilla开发者网络（MDN）页 HTTP访问控制（CORS）。

As Bodgan's answer stated, this is a browser security issue rather than a ZF2 issue. One popular way to get around it is to change the ACCESS-CONTROL-ALLOW-ORIGIN of your domain A to allow requests from domain B. This and other solutions are discussed on the Mozilla Developer Network (MDN) page for HTTP access control (CORS).

基本上你需要告诉接收服务器（域A），它是好的，为资源的请求作出回应。您可以在的.htaccess 文件放置在域A下面的Web根目录做一些简单的示例code，表示为域A，它应该响应从所有域资源共享的要求： * 。该MDN给出的链接进入一个更深入的讨论跨域资源共享（CORS）。请记住，有安全隐患，而且在大多数情况下，你不希望从打开你的服务器的请求 * 的起源，而是由自己控制的特定主机

Basically you need to indicate to the receiving server (domain A) that it is okay to respond to requests for resources. You can do this within a .htaccess file placed in the web root of domain A. Below is some simple sample code that indicates to domain A that it should respond to resource sharing requests from all domains: *. The MDN article linked to above goes into a more in-depth discussion of "Cross-Origin Resource Sharing (CORS)". Keep in mind that there are security implications, and in most scenarios you do not want to open up your server to requests from * origins, but rather to a specific host controlled by yourself.

Options +FollowSymlinks
RewriteEngine on

Header add Access-Control-Allow-Origin "*"
Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"
Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"