HTTP--http之cors(四)

目录结构

文件内容

server1.js

const http = require('http');
const fs = require('fs');
http.createServer(function(req, res) {
    console.log('request come', req.url);
    const html = fs.readFileSync('index.html', 'utf8');
    res.writeHead(200, {
        // "Content-Type":"text/plain"
        "Content-Type":"text/html"
    })
    res.end(html)
}).listen(8888)
console.log('server start at port 8888')

server2.js

const http = require('http');
http.createServer(function(req, res) {
    console.log('request come', req.url);
    res.writeHead(200, {
        // 'Access-Control-Allow-Origin':"*"
        // 'Access-Control-Allow-Origin':"http://localhost:8887"
        'Access-Control-Allow-Origin':"http://localhost:8888"
    })
    res.end('123')
}).listen(8889)
console.log('server start at port 8889')

index.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta http-equiv="X-UA-Compatible" content="ie=edge">
    <title>Document</title>
</head>
<body>
    8888
    <script>
        var xhr = new XMLHttpRequest();
        xhr.open('GET','http://127.0.0.1:8889');
        xhr.send();
    </script>
</body>
</html>

配置解析

返回的文本类型

       "Content-Type":"text/plain"   //字符串
        "Content-Type":"text/html"   //html

server2.js

不配置Access-Control-Allow-Origin

会请求，有响应
浏览器特有，只是浏览器出于安全，不显示内容
在git bash上会显示内容

    res.writeHead(200, {
        // 'Access-Control-Allow-Origin':"*"  //允许所有
        // 'Access-Control-Allow-Origin':"http://localhost:8887"
        // 'Access-Control-Allow-Origin':"http://localhost:8888"
    })

配置Access-Control-Allow-Origin

'Access-Control-Allow-Origin':"*"  //允许所有
 'Access-Control-Allow-Origin':"http://localhost:8887"  //允许特定

jsonp

利用标签的特性

link
img
script

index.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta http-equiv="X-UA-Compatible" content="ie=edge">
    <title>Document</title>
</head>
<body>
    8888
    <script src='http://127.0.0.1:8889'></script>
</body>
</html>

server2.js

const http = require('http');
http.createServer(function(req, res) {
    console.log('request come', req.url);
    res.writeHead(200, {

    })
    res.end('123')
}).listen(8889)
console.log('server start at port 8889')

cors其它配置

默认允许方法

GET
HEAD
POST

当用put方法时

index.html

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta http-equiv="X-UA-Compatible" content="ie=edge">
    <title>Document</title>
</head>
<body>
    8888
    <script>
        var xhr = new XMLHttpRequest();
        xhr.open('PUT','http://127.0.0.1:8889');
        xhr.send();
    </script>
</body>
</html>

解决办法

    res.writeHead(200, {
        'Access-Control-Allow-Origin':"*",
        "Access-Control-Allow-Methods":"GET,POST,PUT,DELETE"
    })

预请求

解决办法

    res.writeHead(200, {
        'Access-Control-Allow-Origin':"*",
        "Access-Control-Allow-Methods": "GET,POST,PUT,DELETE",
        "Access-Control-Allow-Max-Age":"1000",
    })

HTTP--http之cors(四)

目录结构

文件内容

配置解析

返回的文本类型

server2.js

不配置Access-Control-Allow-Origin

配置Access-Control-Allow-Origin

jsonp

cors其它配置

默认允许方法

预请求

渣渣辉

引用和评论

springboot(二)、RestApi

状态码 406， Not Acceptable, (Spring Boot)

NGINX 知识总结

TLSv1.3 Support：主流 Web 客户端和服务端对 TLSv1.3 的支持情况

如何设置Fiddler来拦截Java代码发送的HTTP请求，进行各种问题排查

Spring-Boot实现HTTP大文件断点续传分片下载-大视频分段渐进式播放

一键生成 HTTP + gRPC 混合架构微服务代码：更简单、更灵活、更兼容的微服务系统构建方式