在CORS中发布/获取与放置/删除 [英] POST/GET Vs PUT/DELETE in CORS
问题描述
我刚刚阅读了此:
同源策略允许使用GET和POST进行跨域HTTP请求方法,但拒绝源间的PUT和DELETE请求
same-origin policy allows inter-origin HTTP requests with GET and POST methods but denies inter-origin PUT and DELETE requests
PUT/DELETE有什么特别之处?他们为什么被封锁?无论如何,您都可以在POST方法中进行更新/删除.
What is so special about PUT/DELETE? Why are they blocked? You can do an update/delete inside a POST method anyway.
使用CORS,为什么使用xml/json而不是application/x-www-form-urlencoded的POST请求被预检?
With CORS, why is a POST request preflighted if it uses xml/json rather than application/x-www-form-urlencoded?
请解释为什么某些动词与其他动词区别对待.
Please explain why some verbs are treated differently to others.
推荐答案
基本区别在于用户浏览网页所触发的请求类型与脚本所触发的类型之间.基于早期浏览器认为安全与不安全的区别,这种区别源于网络历史记录.此后,所有浏览器都试图保持向后兼容性,以免违反依赖那些早期 decomo 早期标准的服务器的期望.
The fundamental distinction is between the kind of request triggered by a user navigating a web page and the kind triggered by a script. This distinction is rooted in web history, based on what early browsers considered safe and unsafe. All browsers since have tried to maintain backwards compatibility so as to not violate the expectations of servers relying on those early de facto standards.
用户浏览网络会产生什么样的请求?基本上,表单提交触发的 GET 请求和 POST 请求.浏览器始终允许此类跨域请求,因此他们假定服务器是为处理这些请求而设计的.但这不包括例如具有自定义标头的 POSTS ,这些标头只能由脚本添加.(有关使请求安全与否的确切说明,请参见获取规范.)
What kind of requests are generated by users navigating the web? Basically, GET requests and POST requests triggered by a form submission. Browsers have always allowed such cross-origin requests, and so they assume that servers are designed to handle them. But that doesn't include, for example, POSTS that have custom headers that could only be added by a script. (For a precise description of what makes a request safe or not, see the Fetch specification.)
在此处中查看我的答案,以了解有关CORS如何使用预检请求来保持与Same Origin Policy的向后兼容性的更多详细信息.
See my answer here for more detail on how CORS uses preflight requests to maintain backwards compatibility with the Same Origin Policy.
这篇关于在CORS中发布/获取与放置/删除的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
