-
Notifications
You must be signed in to change notification settings - Fork 649
CORS
JoyChou edited this page Oct 26, 2018
·
10 revisions
前端发起AJAX请求都会受到同源策略(CORS)的限制。发起AJAX请求的方法:
- XMLHttpRequest
- JQuery的
$.ajax - Fetch
前端在发起AJAX请求时,同域或者直接访问的情况下,因为没有跨域的需求,所以Request的Header中的Origin为空。此时,如果后端代码是response.setHeader("Access-Control-Allow-Origin", origin),那么Response的header中不会出现Access-Control-Allow-Origin,因为Origin为空。
<html>
<script src="https://cdn.bootcss.com/jquery/3.3.1/jquery.min.js">
</script>
<body>
<script>
$.ajax({
type: "GET",
url: "http://localhost:8080/cors/vuls2",
success: function(data) {
alert(data);
},
error: function(msg) {
alert(msg)
}
});
</script>
</body>
</html>
https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Access_control_CORS