简述 HTTP 请求与跨域资源共享 CORS #7989
Merged
简述 HTTP 请求与跨域资源共享 CORS #7989
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
PassionPenguin
suggested changes
Feb 5, 2021
|
|
||
| First of all, let's start with how a URL looks like. | ||
| ## URL 格式 |
There was a problem hiding this comment.
Suggested change
| ## URL 格式 | |
| 在开始我们的 HTTP 请求与 CORS 之旅之前,让我们先来了解一下 URL 长什么样吧。 |
There was a problem hiding this comment.
注意到其实这个部分 URL + Hostname + ... 全是 Request 的内容,这里加标题那下面也要加吧:)
|
|
||
| A sample URL consists of 4 parts. | ||
| 示例 URL 由 4 部分组成: |
There was a problem hiding this comment.
Suggested change
| 示例 URL 由 4 部分组成: | |
| 一个示例的 URL 由 4 部分组成: |
|
|
||
|  | ||
|
|
||
| **SCHEME:** The scheme identifies the protocol will be used. **Protocol** specifies how the data is transferred and how to interpret the request. When you look at the protocol, you will have a good understanding of what this URL is used for. ( Like is it an email protocol with the SMTP, POP3, IMAP, or is it SSH request to reach and manage git repositories or is it an HTTP request for web) | ||
| **服务类型(scheme)** 指明将被使用的协议(protocol)。**协议(protocol)** 指定数据如何传输以及如何处理请求。当你查看协议时,你就能很好地理解这个 URL 的用途。(例如是带有 SMTP、POP3、IMAP 的电子邮件协议,还是获取和管理 git 仓库的 SSH 请求,或者是针对 Web 的 HTTP 请求。) |
There was a problem hiding this comment.
Suggested change
| **服务类型(scheme)** 指明将被使用的协议(protocol)。**协议(protocol)** 指定数据如何传输以及如何处理请求。当你查看协议时,你就能很好地理解这个 URL 的用途。(例如是带有 SMTP、POP3、IMAP 的电子邮件协议,还是获取和管理 git 仓库的 SSH 请求,或者是针对 Web 的 HTTP 请求。) | |
| **服务类型(Scheme)** 指明将被使用的协议(Protocol)。**协议** 指定数据如何传输以及如何处理请求。当你查看协议时,你就能很好地理解这个 URL 的用途。(例如是带有 SMTP、POP3、IMAP 的电子邮件协议,还是获取和管理 git 仓库的 SSH 请求,或者是针对 Web 的 HTTP 请求。) |
|
|
||
| **Query parameters:** | ||
| **查询参数:** |
There was a problem hiding this comment.
Suggested change
| **查询参数:** | |
| **Query 参数:** |
|
|
||
| **Path:** | ||
| **路径:** |
There was a problem hiding this comment.
Suggested change
| **路径:** | |
| **路径(Path):** |
|
|
||
| Certain “**cross-domain**” requests, notably Ajax requests, are forbidden by default by the [same-origin security policy](https://en.wikipedia.org/wiki/Same-origin_policy) while “**Same-Origin**” requests are always allowed. | ||
| [同源安全策略默](https://en.wikipedia.org/wiki/Same-origin_policy)默认禁止某些`跨域(cross-domain)`请求,尤其是 Ajax 请求,而始终允许`相同来源(Same-Origin)`请求。 |
There was a problem hiding this comment.
Suggested change
| [同源安全策略默](https://en.wikipedia.org/wiki/Same-origin_policy)默认禁止某些`跨域(cross-domain)`请求,尤其是 Ajax 请求,而始终允许`相同来源(Same-Origin)`请求。 | |
| [同源安全策略](https://en.wikipedia.org/wiki/Same-origin_policy)默认禁止某些`跨域(Cross-Domain)`请求,尤其是 Ajax 请求,而始终允许`相同来源(Same-Origin)`请求。 |
|
|
||
| > **Cross-Origin Resource Sharing** ([CORS](https://developer.mozilla.org/en-US/docs/Glossary/CORS)) is an HTTP-header based mechanism that allows a server to indicate any other [origin](https://developer.mozilla.org/en-US/docs/Glossary/origin)s (domain, scheme, or port) than its own from which a browser should permit loading of resources. | ||
| > **跨域资源共享**([CORS](https://developer.mozilla.org/en-US/docs/Glossary/CORS))是基于 HTTP 表头的机制,它允许服务器指出浏览器应该允许加载资源的任何其他[来源](https://developer.mozilla.org/en-US/docs/Glossary/origin)(域、方案或端口)。 |
There was a problem hiding this comment.
Suggested change
| > **跨域资源共享**([CORS](https://developer.mozilla.org/en-US/docs/Glossary/CORS))是基于 HTTP 表头的机制,它允许服务器指出浏览器应该允许加载资源的任何其他[来源](https://developer.mozilla.org/en-US/docs/Glossary/origin)(域、方案或端口)。 | |
| > **跨域资源共享**([CORS](https://developer.mozilla.org/en-US/docs/Glossary/CORS))是基于 HTTP 表头的机制,它允许服务器指出浏览器应该允许加载资源的任何其他[来源](https://developer.mozilla.org/en-US/docs/Glossary/origin)(域、协议或端口)。 |
|
|
||
| The browser notices that the domain is different so it sends an **OPTIONS** request to that server just to check if the request is allowed. This has nothing to do with the developer though, it goes automatically by the browser. But developer, before sending a cross-origin request, can add some headers to the request which may help to get allowed. | ||
| 当浏览器发现域是不同的,它会向该服务器发送一个 **OPTIONS** 请求,检查请求是否被允许。尽管这与开发人员无关,浏览器会自动进行。然而开发人员可以在发送跨域请求之前,向请求添加一些表头,这可能有助于获得允许。 |
There was a problem hiding this comment.
Suggested change
| 当浏览器发现域是不同的,它会向该服务器发送一个 **OPTIONS** 请求,检查请求是否被允许。尽管这与开发人员无关,浏览器会自动进行。然而开发人员可以在发送跨域请求之前,向请求添加一些表头,这可能有助于获得允许。 | |
| 当浏览器发现域是不同的,它会向该服务器发送一个 **OPTIONS** 请求,检查请求是否被允许。这个行为与我们这些前端开发人员其实并没有什么关系,因为这是浏览器自动进行的行为。然而开发人员可以在发送跨域请求之前,向请求添加一些表头,这可能有助于获得允许。 |
|
|
||
| **Access-Control-Allow-Credentials** — If this is true in the response header, then the cross-domain request will include a cookie header. | ||
| **Access-Control-Allow-Credentials** — 如果在响应头中为 true,则跨域请求将包含 cookie 表头。 |
There was a problem hiding this comment.
Suggested change
| **Access-Control-Allow-Credentials** — 如果在响应头中为 true,则跨域请求将包含 cookie 表头。 | |
| **Access-Control-Allow-Credentials** — 如果在响应头中为 true,则跨域请求将包含 Cookie 表头。 |
|
|
||
| I tried to explain these important concepts very briefly, if you have any questions or want to know more in one particular topic covered above, please let me know. | ||
| 我试图简要说明这些重要概念,如果你有任何疑问或想在上述一个特定主题中了解更多信息,请告诉我。 |
There was a problem hiding this comment.
Suggested change
| 我试图简要说明这些重要概念,如果你有任何疑问或想在上述一个特定主题中了解更多信息,请告诉我。 | |
| 在这篇文章中我尝试着以最简明的方法向你们介绍了这些重要的概念,而如果你有任何疑问或想在上述一个特定主题中了解更多信息,请记得告诉我喔。 |
|
@PassionPenguin 感谢校对! |
PassionPenguin
previously approved these changes
Feb 5, 2021
|
|
||
|  | ||
|
|
||
| **服务类型(scheme)** 指明将被使用的协议(protocol)。**协议(protocol)** 指定数据如何传输以及如何处理请求。当你查看协议时,你就能很好地理解这个 URL 的用途。(例如是带有 SMTP、POP3、IMAP 的电子邮件协议,还是获取和管理 git 仓库的 SSH 请求,或者是针对 Web 的 HTTP 请求。) | ||
| **服务类型(Scheme)** 指明将被使用的协议(protocol)。**协议(Protocol)** 指定数据如何传输以及如何处理请求。当你查看协议时,你就能很好地理解这个 URL 的用途。(例如是带有 SMTP、POP3、IMAP 的电子邮件协议,还是获取和管理 git 仓库的 SSH 请求,或者是针对 Web 的 HTTP 请求。) |
There was a problem hiding this comment.
害,这里前面已经给了定义 Protocol 了,后面的就直接移到前面啦
并且前面那只给个首字母大写嘛
|
@lsvih 校对认领 |
|
@regon-cao 好的 |
regon-cao
reviewed
Feb 9, 2021
| 3. **Body** (Optional): When you do a POST, PUT, PATCH requests to do server, you need to send a body which is telling the server what data you want to send. Example: | ||
| 1. **请求行**:由请求方法(GET、POST、DELETE 等)和路径(从 URL 中提取)组成。 | ||
| 2. **表头**:上文已经简要说明过。 | ||
| 3. **请求体**(可选): 当你向服务器发出 POST、PUT、PATCH 请求时,你需要发送一个请求体报文,该报文告诉服务器你想要发送什么数据。示例: |
|
|
||
| Currently, you are seeing the response comes from **medium.com** server. Let’s say I wrote a JS code which is sending a POST request to my own website while you are browsing this. This is called **Cross-Domain request**. | ||
| 当前,你看到的响应来自 **medium.com** 服务器。假设我写了一个 JS | ||
| 代码,当你在网页浏览这个的时候,它正在向我自己的网站服务器发送一个 POST 请求。这称为跨域请求(**Cross-Domain request**)。 |
|
@regon-cao 感谢校对! |
lsvih
approved these changes
Feb 9, 2021
|
@zenblo 已经 merge 啦~ 快快麻溜发布到掘金然后给我发下链接,方便及时添加积分哟。 掘金翻译计划有自己的知乎专栏,你也可以投稿哈,推荐使用一个好用的插件。 |
ghost
deleted the
quick-overview-of-http-requests-cross-origin-resource-sharing-cors
branch
|
收到 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
@lsvih 译文翻译完成,resolve #7960