Let me ask a cross-domain question: what kind of problems can be avoided by CORS's preflight request?

When I was working on a project recently, I came across the preflight pre-checking mechanism. A doubt arises:

Why does the browser have to pre-check with the server to confirm that the request is available, instead of sending the request directly to the server? Whether the request will affect the server is a matter that is no longer on the browser side, so why does the browser stipulate that a pre-request should be sent first? What is the meaning of doing so? Are there any seniors who know the relevant knowledge? Can you share some relevant examples? Thank you all in advance.

Mar.02,2021

Why would browsers do this? Because the specification / standard stipulates it.
Quoting a section of the specification:
https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Access_control_CORS

The cross-domain resource sharing standard adds a set of HTTP header fields that allow the server to declare which origin server has access to which resources. In addition, the specification requires that for HTTP request methods that may have side effects on server data (especially HTTP requests other than GET, or POST requests with some MIME types), the browser must first use the OPTIONS method to initiate a pre-check request (preflight request) to learn whether the server allows the cross-domain request. Only after the server confirms the permission is the actual HTTP request initiated. In the response to the pre-check request, the server can also inform the client whether it needs to carry identity credentials (including Cookies and HTTP authentication-related data).

The parts underlined in red are the problems that can be avoided.


It detects whether these headers are allowed, what methods are supported by this address, whether same-origin protection is triggered, and so on. Otherwise the request would be sent rashly, and if it is not allowed, it will be a waste of resources and time.
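The preflight decision described in the answers above, as an added example that is not part of either answer: a simplified model of the browser-side check and the server's OPTIONS reply. The function names, the `POLICY` object and the `example` origins are constructed for illustration, and only a subset of the Fetch standard's safelist rules is modelled.

```javascript
// Added example: simplified model of the CORS preflight decision.
const SAFE_METHODS = new Set(["GET", "HEAD", "POST"]);
const SAFE_HEADERS = new Set(["accept", "accept-language", "content-language", "content-type"]);
const SAFE_TYPES = new Set(["application/x-www-form-urlencoded", "multipart/form-data", "text/plain"]);

// A header is "safe" if safelisted; Content-Type additionally needs a safelisted MIME type.
function isSafeHeader(name, value) {
  const n = name.toLowerCase();
  if (!SAFE_HEADERS.has(n)) return false;
  if (n !== "content-type") return true;
  return SAFE_TYPES.has(String(value).split(";")[0].trim().toLowerCase());
}

// Names of the headers that force a preflight and must be approved by the server.
function unsafeHeaders(req) {
  return Object.entries(req.headers || {})
    .filter(([n, v]) => !isSafeHeader(n, v))
    .map(([n]) => n.toLowerCase());
}

// Browser side: does this cross-origin request need an OPTIONS preflight first?
function needsPreflight(req) {
  return !SAFE_METHODS.has(req.method.toUpperCase()) || unsafeHeaders(req).length > 0;
}

// Server side: answer the OPTIONS preflight from its policy.
function answerPreflight(policy, origin) {
  if (!policy.origins.includes(origin)) return {}; // no CORS headers: browser stops here
  return {
    "access-control-allow-origin": origin,
    "access-control-allow-methods": policy.methods.join(", "),
    "access-control-allow-headers": policy.headers.join(", "),
  };
}

// Browser side: the real (possibly side-effecting) request goes out only if approved.
function browserWouldSend(req, origin, policy) {
  if (!needsPreflight(req)) return true; // simple request: sent without a preflight
  const res = answerPreflight(policy, origin);
  if (res["access-control-allow-origin"] !== origin) return false;
  const method = req.method.toUpperCase();
  const methods = res["access-control-allow-methods"].toUpperCase().split(", ");
  if (!SAFE_METHODS.has(method) && !methods.includes(method)) return false;
  const allowed = res["access-control-allow-headers"].toLowerCase().split(", ");
  return unsafeHeaders(req).every((h) => allowed.includes(h));
}

// Constructed sample policy: one trusted origin, PUT allowed, JSON bodies allowed.
const POLICY = { origins: ["https://app.example"], methods: ["PUT"], headers: ["content-type"] };
console.log(browserWouldSend({ method: "DELETE" }, "https://app.example", POLICY)); // false
```

With this policy the DELETE never reaches the server's handler, which is the side effect the preflight is there to prevent.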
