Upload
happydev
View
197
Download
1
Embed Size (px)
Citation preview
var r = new XMLHttpRequest();
r.open('GET', ‘http://site2.com’, true);
r.withCredentials = true;
r.send();
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://site1.com
Access-Control-Allow-Credentials: true
[Data]
var r = new XMLHttpRequest();
r.open('POST', ‘http://site2.com’, true);
r.setRequestHeader(‘Content-Type’,'application/json');
r.setRequestHeader('X-HEADER', 'lalala');
r.send(data);
OPTIONS / HTTP/1.1
Host: site2.com
Origin:
http://site1.com/
Access-Control-Request-Method: POST
Access-Control-Request-Headers: X-HEADER
HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://site1.com
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Headers: X-HEADER
POST / HTTP/1.1
Host: site2.com
Origin: http://site1.com/
X-HEADER: lalala
Content-Type: application/json
[Data]
Cross-origin readsvar r = new XMLHttpRequest();
r.open('GET', ‘http://site2.com’, true);
r.withCredentials = true;
r.send();
Cross-origin writesvar c = new XMLHttpRequest();
c.withCredentials = true;
c.open("POST", ...);
c.setRequestHeader("Content-Type", “...”);
c.send(...);
<form method=“POST”action=“http://service.com/profile”>
<input type=“hidden” name=“name” value=“[email protected]” />
<input type=“hidden” name=“password” value=“78330…” />
<input type=“hidden” name=“retypedPassword” value=“2c84…” />
</form>
<form method=“POST” action=“http://service.com/profile”>
<input type=“hidden” name=“name” value=“art”/>
<input type=“hidden” name=“password” value=“78330…”/>
<input type=“hidden” name=“retypedPassword” value=“2c84…”/>
</form>
POST /useremail: [email protected]