关于跨域

参考博客:

跨域(CORS)和CSRF攻击的区别:

CORS是处理脚本中的跨站访问,响应被浏览器阻止的情况,解决方式是加入特殊的运行跨域响应头:

https://www.zhihu.com/question/26379635

跨域并非浏览器限制了发起跨站请求,而是跨站请求可以正常发起,但是返回结果被浏览器拦截了。最好的例子是CSRF跨站攻击原理,请求是发送到了后端服务器无论是否跨域

https://www.cnblogs.com/nananana/p/8492185.html

CSRF就跨域了,但不是通过脚本,而是网站中正常的GET/POST请求:

http://www.cnblogs.com/hyddd/archive/2009/04/09/1432744.html

 

跨域前、后端解决方式:

https://www.cnblogs.com/520playboy/p/7306008.html

https://blog.csdn.net/Colton_Null/article/details/75195230

https://www.cnblogs.com/smiler/p/8509062.html

https://blog.csdn.net/saytime/article/details/74937204

 

https://www.cnblogs.com/chenshishuo/p/4919224.html

https://www.cnblogs.com/dojo-lzz/p/4265637.html

https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Access_control_CORS

 

比较全的带后端实现的:

https://www.cnblogs.com/itmacy/p/6958181.html

SpringMVC解决跨域:

https://blog.csdn.net/tg928600774/article/details/80325040

https://www.jb51.net/article/112152.htm

 

请求头和响应头内容:

https://blog.csdn.net/m0_37828249/article/details/78164320

https://www.cnblogs.com/good7758/articles/5635981.html

 

posted @ 2018-11-07 09:16  free_wings  阅读(226)  评论(0编辑  收藏  举报