In the above example, getResponseHeader('FooBar') will successfully get the value of the FooBar field. If you want to get other fields, you must specify them in the Access-Control-Expose-Headers. CORS request, the XMLHttpRequest object getResponseHeader() method can only get six basic fields: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma. This value can also only be set to true, so if the server does not want the browser to send cookies, just delete the field. A value of true means that the server has explicitly given permission for the cookie to be included in the request and sent to the server together. Its value is a boolean indicating whether cookies are allowed to be sent, and by default, cookies are not included in CORS requests. Its value is either the value of the Origin field at the time of the request, or a * that indicates that a request for an arbitrary domain name is accepted. The above header contains three fields related to CORS requests, all starting with Access-Control. Here is an example, the browser finds that the cross-origin AJAX request is a simple request, it automatically adds an Origin field to the header information. Specifically, it adds an Origin field to the header. Simple request 3.1 Basic flowįor a simple request, the browser makes a CORS request directly. The browser processing of these two requests, is not the same. Where the above two conditions are not met at the same time, it is not a simple request. AJAX’s cross-domain design is that, as long as the form can send, AJAX can send directly. This is to be compatible with forms, because historically forms have been able to send cross-domain requests.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |