CORS & OPTIONS & preflight request
CORS & OPTIONS
preflight request
- CORS 原理
CORS跨域的原理实际上是浏览器与服务器通过一些HTTP协议头来做一些约定和限制
- OPTIONS 应用场景
https://developer.mozilla.org/en-US/docs/Glossary/Preflight_request
preflighted requests & simple requests
https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#Preflighted_requests
https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#Simple_requests
https://dev.to/effingkay/cors-preflighted-requests--options-method-3024
demos
- GET & application/json === OPTION
const getData = (url = ``) => {
// Default options are marked with *
return fetch(url, {
cache: "no-cache", // *default, no-cache, reload, force-cache, only-if-cached
credentials: "same-origin", // include, same-origin, *omit
headers: {
// "user-agent": "Mozilla/4.0 MDN Example",
"Content-Type": "application/json",
// "Content-Type": "text/plain",
// "Content-Type": "text/plain",
},
method: "GET", // *GET, POST, PUT, DELETE, etc.
mode: "cors", // no-cors, cors, *same-origin
redirect: "follow", // manual, *follow, error
referrer: "no-referrer", // *client, no-referrer
})
.then(response => response.json()) // parses response to JSON
.then(json => {
// json
console.log(`json =`, JSON.stringify(json, null, 4));
return json;
})
.catch(err => console.error(`error =`, err));
};
getData(`https://cdn.xgqfrms.xyz/json/data.json`);
- GET & text/plain !== OPTION
const getData = (url = ``) => {
// Default options are marked with *
return fetch(url, {
cache: "no-cache", // *default, no-cache, reload, force-cache, only-if-cached
credentials: "same-origin", // include, same-origin, *omit
headers: {
// "user-agent": "Mozilla/4.0 MDN Example",
// "Content-Type": "application/json",
"Content-Type": "text/plain",
// "Content-Type": "text/plain",
},
method: "GET", // *GET, POST, PUT, DELETE, etc.
mode: "cors", // no-cors, cors, *same-origin
redirect: "follow", // manual, *follow, error
referrer: "no-referrer", // *client, no-referrer
})
.then(response => response.json()) // parses response to JSON
.then(json => {
// json
console.log(`json =`, JSON.stringify(json, null, 4));
return json;
})
.catch(err => console.error(`error =`, err));
};
getData(`https://cdn.xgqfrms.xyz/json/data.json`);
- POST & application/json === OPTION
const postData = (url = ``, data = {}) => {
// Default options are marked with *
return fetch(url, {
body: JSON.stringify(data), // must match "Content-Type" header
cache: "no-cache", // *default, no-cache, reload, force-cache, only-if-cached
credentials: "same-origin", // include, same-origin, *omit
headers: {
// "user-agent": "Mozilla/4.0 MDN Example",
"Content-Type": "application/json",
// "Content-Type": "text/plain",
// "Content-Type": "text/plain",
},
method: "POST", // *GET, POST, PUT, DELETE, etc.
mode: "cors", // no-cors, cors, *same-origin
redirect: "follow", // manual, *follow, error
referrer: "no-referrer", // *client, no-referrer
})
.then(response => response.json()) // parses response to JSON
.then(json => {
// json
console.log(`json =`, JSON.stringify(json, null, 4));
return json;
})
.catch(err => console.error(`error =`, err));
};
postData(`https://cdn.xgqfrms.xyz/json/data.json`, {});
- POST & application/x-www-form-urlencoded !== OPTION
const postData = (url = ``, data = {}) => {
// Default options are marked with *
return fetch(url, {
body: data, // must match "Content-Type" header
cache: "no-cache", // *default, no-cache, reload, force-cache, only-if-cached
credentials: "same-origin", // include, same-origin, *omit
headers: {
// "user-agent": "Mozilla/4.0 MDN Example",
// "Content-Type": "application/json",
"Content-Type": "application/x-www-form-urlencoded",
// "Content-Type": "text/plain",
},
method: "POST", // *GET, POST, PUT, DELETE, etc.
mode: "cors", // no-cors, cors, *same-origin
redirect: "follow", // manual, *follow, error
referrer: "no-referrer", // *client, no-referrer
})
.then(response => response.json()) // parses response to JSON
.then(json => {
// json
console.log(`json =`, JSON.stringify(json, null, 4));
return json;
})
.catch(err => console.error(`error =`, err));
};
postData(`https://cdn.xgqfrms.xyz/json/data.json`, `key=value`);
xgqfrms 2012-2020
www.cnblogs.com 发布文章使用:只允许注册用户才可以访问!
CORS & OPTIONS & preflight request的更多相关文章
- has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
前端显示: has been blocked by CORS policy: Response to preflight request doesn't pass access control che ...
- CORS跨域带来的preflight request
CORS跨域带来的preflight request https://blog.csdn.net/baidu_35407267/article/details/79043515 HTTPS://blo ...
- Cross-origin resource sharing JSON with Padding 同源策略 JSONP 为什么form表单提交没有跨域问题,但ajax提交有跨域问题? XMLHttpRequest and the Fetch API follow the same-origin policy 预检请求(preflight request)
https://zh.wikipedia.org/wiki/跨来源资源共享 跨来源资源共享(CORS)是一份浏览器技术的规范,提供了 Web 服务从不同域传来沙盒脚本的方法,以避开浏览器的同源策略[1 ...
- CORS OPTIONS
CORS OPTIONS A CORS preflight request is a CORS request that checks to see if the CORS protocol is u ...
- .Net Core 处理跨域问题Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource
网页请求报错: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Or ...
- Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' heade
XMLHttpRequest cannot load http://10.164.153.37:8050/WebService/WebService.asmx/wsGetStreetData. Res ...
- preflight request预检请求
preflight request预检请求,负责检查是否允许跨域请求,但是注意并不是所有的跨域请求都会发送preflight请求.对与那些幂等的请求,如GET请求,就不会发送preflight请求.只 ...
- ajax post上传数据时,前端出现的跨域权限问题:ccess to XMLHttpRequest at ‘’rom origin 'null' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok st
本人前端使用多个框架时,jq ajax传参出现如下报错: 最后发现,可能是xhr的相关默认参数被修改了.顾使用jq 传参时,一直报错,jq ajax额外添加的关键参数: crossDomain: ...
- 跨域请求错误: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource
今天在学习Angular 的HttpInterceptor 拦截器时,发现添加了新的headers键值之后总是报跨域错误.后台使用的是asp.net core. 检查发现,在添加了新的header之后 ...
随机推荐
- scala/java等其他语言从CSV文件中读取数据,使用逗号','分割可能会出现的问题
众所周知,csv文件默认以逗号","分割数据,那么在scala命令行里查询的数据: 可以看见,字段里就包含了逗号",",那接下来切割的时候,这本应该作为一个整体 ...
- P5858 Golden Swold
写在前面 简单的单调队列优化 DP 处理略微有点恶心,于是乎,用来取 \(\max\) 的极小值直接开到了 long long 的最小极限,了 define int long long /cy 算法思 ...
- loj黑暗城堡
黑暗城堡 题目描述 你知道黑暗城堡有\(N\)个房间,M 条可以制造的双向通道,以及每条通道的长度. 城堡是树形的并且满足下面的条件: 设\(D_i\)为如果所有的通道都被修建,第i号房间与第1号房间 ...
- (七)整合 Redis集群 ,实现消息队列场景
整合 Redis集群 ,实现消息队列场景 1.Redis集群简介 1.1 RedisCluster概念 2.SpringBoot整合Redis集群 2.1 核心依赖 2.2 核心配置 2.3 参数渲染 ...
- hadoop使用常见问题总结!
1,执行 hdfs dfs -copyFromLocal 命令报错! 19/01/02 11:01:32 INFO hdfs.DFSClient: Exception in createBlockOu ...
- 由于Java的简单类型不能够精确的对浮点数进行运算,这个工具类提供精 确的浮点数运算,包括加减乘除和四舍五入。
package com.minxinloan.utils; import java.math.BigDecimal; public class Arith { // 源文件Arith.java: /* ...
- poj 3436 ACM Computer Factory 最大流+记录路径
题目 题意: 每一个机器有一个物品最大工作数量,还有一个对什么物品进行加工,加工后的物品是什么样.给你无限多个初始都是000....的机器,你需要找出来经过这些机器操作后最多有多少成功的机器(111. ...
- ACM International Collegiate Programming Contest, Egyptian Collegiate Programming Contest (ECPC 2015) G. It is all about wisdom (二分,单源最短路)
题意:有\(n\)个点,\(m\)条边,只有当你的智力值大于这条边的\(w\)才能走,问在花费不超过\(k\)的情况下,从\(1\)走到\(n\)的所需的最小智力值. 题解:这题比赛为什么没想出来呢? ...
- [Python] Pandas 对数据进行查找、替换、筛选、排序、重复值和缺失值处理
目录 1. 数据文件 2. 读数据 3. 查找数据 4. 替换数据 4.1 一对一替换 4.2 多对一替换 4.3 多对多替换 5. 插入数据 6. 删除数据 6.1 删除列 6.2 删除行 7. 处 ...
- Linux下的C语言编程
一.在Linux下的C语言编程所需工具(下面所列举的都是我编程所用的工具) 1.文本编辑器 Vim 2.编译链接工具 gcc 3.调试器 gdb 4.项目管理工具 make和makefile 二.VI ...