'shop-fav'

@@ -597,8 +597,11 @@ if ($brandHeader.length > 0) {
 
         $.ajax({
             type: 'GET',
-            url: postUrl,
+            url: location.protocol + '//m.yohobuy.com' + postUrl,
             data: postData,
+            xhrFields: {
+                withCredentials: true
+            },
             success: function(data) {
                 if (data.code === 200) {
                     $this.toggleClass('coled');

@@ -883,7 +883,9 @@ function postCollect(info) {
         method: 'get',
         url: location.protocol + '//m.yohobuy.com' + info.url,
         data: info.data,
-
+        xhrFields: {
+            withCredentials: true
+        },
         success: function(data) {
 
             if (data.code === 200) {

@@ -631,7 +631,8 @@ class IndexController extends AbstractAction
      */
     public function shopFavAction()
     {
-        header('Access-Control-Allow-Origin:*');
+        header('Access-Control-Allow-Origin:' . $_SERVER['HTTP_ORIGIN']);
+        header('Access-Control-Allow-Credentials:true');
         $data = array();
         $shopId = $this->get('shop_id', 0);
         $appVersion = $this->get('app_version', 0);
@@ -641,9 +642,6 @@ class IndexController extends AbstractAction
             $uid = $this->getUid();
         }
         do {
-            // if (!$this->isAjax()) {
-            //     break;
-            // }
             if (empty($uid)) {
                 $data['code'] = 401;
                 $refer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
@@ -667,7 +665,8 @@ class IndexController extends AbstractAction
      */
     public function cancelShopFavAction()
     {
-        header('Access-Control-Allow-Origin:*');
+        header('Access-Control-Allow-Origin:' . $_SERVER['HTTP_ORIGIN']);
+        header('Access-Control-Allow-Credentials:true');
         $data = array();
         $shopId = $this->get('shop_id', 0);
         $appVersion = $this->get('app_version', 0);
@@ -676,14 +675,9 @@ class IndexController extends AbstractAction
         } else {
             $uid = $this->getUid();
         }
-        do {
-            // if (!$this->isAjax()) {
-            //     break;
-            // }
-            if (!empty($shopId) && !empty($uid)) {
-                $data = ShopData::cancelShopFav($uid, $shopId);
-            }
-        } while(false);
+        if (!empty($shopId) && !empty($uid)) {
+            $data = ShopData::cancelShopFav($uid, $shopId);
+        }
         $this->echoJson($data);
     }
 

@@ -25,14 +25,11 @@ class OptController extends AbstractAction
      */
     public function favoriteBrandAction()
     {
+        header('Access-Control-Allow-Origin:' . $_SERVER['HTTP_ORIGIN']);
+        header('Access-Control-Allow-Credentials:true');
         $result = array('code' => 401, 'message' => '参数不正确', 'data' => false);
 
         do {
-            /* 判断是否是AJAX请求 */
-            if (!$this->isAjax()) {
-                break;
-            }
-
             /* 判断品牌ID是否有效 */
             $id = $this->post('id');
             if (!is_numeric($id)) {
@@ -74,14 +71,11 @@ class OptController extends AbstractAction
      */
     public function favoriteProductAction()
     {
+        header('Access-Control-Allow-Origin:' . $_SERVER['HTTP_ORIGIN']);
+        header('Access-Control-Allow-Credentials:true');
         $result = array('code' => 401, 'message' => '参数不正确', 'data' => false);
 
         do {
-            /* 判断是否是AJAX请求 */
-            if (!$this->isAjax()) {
-                break;
-            }
-
             /* 判断品牌ID是否有效 */
             $id = $this->post('id');
             if (!is_numeric($id)) {