当前位置:网站首页>Cross domain overview, simple accumulation
Cross domain overview, simple accumulation
2022-06-24 10:28:00 【Right eye remnant】
Tips : When the article is finished , Directories can be generated automatically , How to generate it, please refer to the help document on the right
List of articles
One 、 The same-origin policy
Provide a security mechanism for browsers ; Requested url The address must match the... On the browser url The same domain , namely : port , agreement ,IP All the same , If either one is not satisfied , It means different source ;
Such as : from 127.0.0.1:8000 request 127.0.0.1:8001
When not handled , The browser will react to an error and intercept it .
Two 、CORS
CORS( Cross-domain resource sharing ), Both browser and server support to solve cross domain problems .
CORS There are two types of requests : Simple request and non simple request
- The request method is :HEAD, GET,POST One of them
- HTTP The header information of does not exceed :Accept, Accept-Language, Content-Language, Content-type
Meet the above two conditions , Means a simple request
A simple request : Send only once
It's not a simple request : Contains two requests , For the first time OPTIONS( Pre inspection request ), If the pre check passes, a second request is sent ( The real data )
Cross domain solutions :
- A simple request :
Server set response header :Access-Control-Allow-Origin = ' domain name ' or ‘*’
- It's not a simple request :
When sending a pre inspection request , Allow request mode :Access-Control-Request-Method; Allow request header :Access-Control-Request-Headers
Realization principle :
When the browser finds a cross domain request , If it's a simple request , Will add... In the request header Origin Field , Indicates from which source ; The server received a response , Will add... To the response header Access-Control-Allow-Origin, Specify the domain name or generic configuration ;
3、 ... and 、Django Cross domain solutions in
1. Allow information in the returned results
data = {
"dafd": access_token}
response = HttpResponse(json.dumps(data))
# Handle simple requests
response["Access-Control-Allow-Origin"] = "*"
# Pre inspection method
response["Access-Control-Allow-Methods"] = "POST, GET"
response["Access-Control-Max-Age"] = "1000"
# Pre check request header
response["Access-Control-Allow-Headers"] = "*"
return response
2. Use django-cors-headers
django-cors-headers When a third party relies on , Use pip download , modify settings The configuration file
pip install django-cors-headers
stay setting.py Add an application to :
INSTALLED_APPS = [
...
'corsheaders',
...
]
Add Middleware :
MIDDLEWARE = [
'corsheaders.middleware.CorsMiddleware',
'django.middleware.common.CommonMiddleware',
...
]
Add at the end of the file :
CORS_ALLOW_CREDENTIALS = True
CORS_ORIGIN_ALLOW_ALL = True
CORS_ORIGIN_WHITELIST = (
'*'
)
CORS_ALLOW_METHODS = (
'DELETE',
'GET',
'OPTIONS',
'PATCH',
'POST',
'PUT',
'VIEW',
)
CORS_ALLOW_HEADERS = (
'XMLHttpRequest',
'X_FILENAME',
'accept-encoding',
'authorization',
'content-type',
'dnt',
'origin',
'user-agent',
'x-csrftoken',
'x-requested-with',
'Pragma',
)
边栏推荐
- Uniapp implements the function of clicking to make a call
- leetCode-1051: 高度检查器
- leetCode-929: 独特的电子邮件地址
- uniapp开发微信小程序,显示地图功能,且点击后打开高德或腾讯地图。
- tf. contrib. layers. batch_ norm
- 【数据分析数据源】全国各省市行政区坐标(包含边界坐标点和中心坐标点)
- 5. dish management business development
- 2.登陆退出功能开发
- 【IEEE出版】2022年智能交通与未来出行国际会议(CSTFM 2022)
- 【资源分享】2022年第五届土木,建筑与环境工程国际会议(ICCAEE 2022)
猜你喜欢

上升的气泡canvas破碎动画js特效

使用swiper左右轮播切换时,Swiper Animate的动画失效,怎么解决?

Using pandas to read SQL server data table

numpy.linspace()

88.合并有序数组

Outils de capture de paquets

Troubleshooting steps for Oracle pool connection request timeout

解决Deprecated: Methods with the same name as their class will not be constructors in报错方案

【数据分析数据源】全国各省市行政区坐标(包含边界坐标点和中心坐标点)

leetCode-1823: 找出游戏的获胜者
随机推荐
Role of message queuing
【IEEE出版】2022年工业自动化,机器人与控制工程国际会议(IARCE 2022)
web网站开发,图片懒加载
3.员工的增删改查
多线程的应用 - 提升效率
SQL sever试题求最晚入职日期
Learn to use the phpstripslush function to remove backslashes
26.删除有序数组的重复项
机器学习——感知机及K近邻
Leetcode-223: rectangular area
5. dish management business development
Wechat applet rich text picture width height adaptive method introduction (rich text)
6.套餐管理业务开发
p5.js千纸鹤动画背景js特效
【资源分享】2022年第五届土木,建筑与环境工程国际会议(ICCAEE 2022)
2.登陆退出功能开发
Leetcode interview question 16.06: minimum difference
numpy.linspace()
CVPR 2022 oral | NVIDIA proposes an efficient visual transformer network a-vit with adaptive token. The calculation of unimportant tokens can be stopped in advance
Engine localization adaptation & Reconstruction notes