From 8fd66d68aff748275cfacb8e2e320a1972f25eae Mon Sep 17 00:00:00 2001 From: yuyuling Date: Sat, 6 Jul 2019 18:41:45 +0800 Subject: [PATCH] =?UTF-8?q?http=E5=A4=B1=E8=B4=A5=E9=87=8D=E8=AF=95?= =?UTF-8?q?=E4=B8=8ECORS=E6=90=BA=E5=B8=A6Cokie?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 26 +++++++++++++++++++++++++- index.html | 8 ++++++++ index.js | 21 +++++++++++++++++++++ 3 files changed, 54 insertions(+), 1 deletion(-) create mode 100644 index.html create mode 100644 index.js diff --git a/README.md b/README.md index fcc0487..ce6c4f0 100644 --- a/README.md +++ b/README.md @@ -1 +1,25 @@ -# homework-browser-network-final \ No newline at end of file +# homework-browser-network-final + +## CORS 头信息 + +### HTTP 响应首部字段 + +`Access-Control-Allow-Origin`: 指定了允许访问该资源的外域 URI + +`Access-Control-Expose-Headers`: 让服务器把允许浏览器访问的头放入白名单 + +`Access-Control-Max-Age`: 指定了preflight请求的结果能够被缓存多久 + +`Access-Control-Allow-Credentials`: 指定了当浏览器的credentials设置为true时是否允许浏览器读取response的内容。 + +`Access-Control-Allow-Methods`: 用于预检请求的响应。其指明了实际请求所允许使用的 HTTP 方法。 + +`Access-Control-Allow-Headers`: 用于预检请求的响应。其指明了实际请求中允许携带的首部字段。 + +### HTTP 请求首部字段 + +`Origin`: 表明预检请求或实际请求的源站 + +`Access-Control-Request-Method`: 用于预检请求。其作用是,将实际请求所使用的 HTTP 方法告诉服务器。 + +`Access-Control-Request-Headers`: 用于预检请求。其作用是,将实际请求所携带的首部字段告诉服务器。 diff --git a/index.html b/index.html new file mode 100644 index 0000000..39e0d5a --- /dev/null +++ b/index.html @@ -0,0 +1,8 @@ + + + + CORS + + + + diff --git a/index.js b/index.js new file mode 100644 index 0000000..0c4ab27 --- /dev/null +++ b/index.js @@ -0,0 +1,21 @@ +// CORS 带上 cookie +function getData(url) { + const xhr = new XMLHttpRequest(); + xhr.open("GET", url); + xhr.withCredentials = true; + xhr.send(); +} + +// http请求失败后重试 +async function reconnect(func, interval, frequency) { + try { + await func(); + } catch { + if (frequency > 0 ) { + frequency -= 1; + setTimeout(function() { + reconnect(func, interval, frequency); + }, interval); + } + } +}