php - process to disable cross domain request -

php - process to disable cross domain request -

i want disable cross domain ajax request.

what mean if im posting info through ajax phone call like

var request = $.ajax({ url: 'uploadfiles.php', type: 'post', data: data, cache: false, contenttype: false, processdata: false, beforesend: function( ) { $(".progressbar").show(); }, xhr: function() { var xhr = $.ajaxsettings.xhr(); if(xhr.upload){ xhr.upload.addeventlistener( 'progress', showprogress, false); } homecoming xhr; }, success: function(data){ if( percentcomplete <= 100 ) { $('#pb div').animate({ width: '100%' }, { step: function(now) { $(this).text( math.round(now) + '%' ); }, duration: 10}); ajaxloading = false; } $('#uplcomp').append( info ); } }); }

if 1 trying post uploadfiles.php through ajax request domain , how can prevent access uploadfiles.php

i want allow domain send info through ajax call

after googling found solution:

$http_origin = $_server['http_origin']; if ($http_origin == "http://www.domain1.com" || $http_origin == "http://www.domain2.com" || $http_origin == "http://www.domain3.info") { header("access-control-allow-origin: $http_origin"); }

where have utilize above code. in uploadfiles.php ?

updated : have used in uploadfiles.php

displays : notice

**undefined index: http_origin**

updated 2

how can utilize statement

content-security-policy: script-src 'self' https://apis.google.com

do have mention php config files or in filesupload.php

what above statement do?

php jquery ajax security content-security-policy