这个跨域 ajax 请求是如何工作的?
我正在查看 这个问题其中有一个指向 http://hacks 的链接.mozilla.org/2011/03/the-shortest-image-uploader-ever/ 有以下代码:
I'm looking at this question and in it is a link to http://hacks.mozilla.org/2011/03/the-shortest-image-uploader-ever/ which has the following code:
var fd = new FormData();
fd.append("image", file); // Append the file
fd.append("key", "6528448c258cff474ca9701c5bab6927");
// Get your own key: http://api.imgur.com/
// Create the XHR (Cross-Domain XHR FTW!!!)
var xhr = new XMLHttpRequest();
xhr.open("POST", "http://api.imgur.com/2/upload.json"); // Boooom!
xhr.onload = function() {
// Big win!
// The URL of the image is:
JSON.parse(xhr.responseText).upload.links.imgur_page;
}
// Ok, I don't handle the errors. An exercice for the reader.
// And now, we send the formdata
xhr.send(fd);
这个跨域请求是如何工作的?我认为通常会有一些安全限制阻止人们这样做.
How does this cross domain request work? I thought as a rule there are security restrictions that stop people from doing just this.
推荐答案
服务器正在响应 Access-Control-Allow-Origin 设置以允许跨域请求
The server is reponding with the Access-Control-Allow-Origin set to allow cross domain requests
Response Headers
Access-Control-Allow-Origin: *
Cache-Control max-age=604800
Connection keep-alive
Content-Length 494
Content-Type application/json
http://www.w3.org/TR/cors/#access-control-allow-origin-response-hea
http://hacks.mozilla.org/2009/07/cross-site-xmlhttprequest-with-cors
相关文章