使用POSTMAN时不会发生CORS问题 [英] CORS issue doesn't occur when using POSTMAN

问题描述

我已经使用POSTMAN有时为RESTful Web服务发送 HTTP请求，如GET，POST，PUT 。最近遇到了一个情况，当通过浏览器向我的REST API发送请求时，我收到一条消息：

I have been using POSTMAN for sometime now for sending HTTP requests like GET, POST, PUT for RESTful Webservices. Recently came across a situation, when sending a request to my REST API through browser, I got a message that

No Access Control Allow Origin Header is present on the Requested resource.

解决方案是向API添加这样一个头。
然而奇怪的是，当我通过POSTMAN发送相同的请求时，我能够得到回复。

The solution was ofcourse to add such an header to the API. However strangely, When I sent the the same request through POSTMAN I was able to get back the response.

所以我想知道如何发送请求通过POSTMAN不同于通过浏览器发送请求。

So I want to know how is sending a request through POSTMAN different from sending a request through browser.

我经历了这个问题：

I went through this question: CORS with POSTMAN, but it really doesn't provide an answer in detail.

推荐答案

常规网页可以使用 XMLHttpRequest 对象从远程服务器发送和接收数据，但它们受 同源策略 。扩展不限于此。

Regular web pages can use the XMLHttpRequest object to send and receive data from remote servers, but they're limited by the same origin policy. Extensions aren't so limited. An extension can talk to remote servers outside of its origin, as long as it first requests cross-origin permissions.

基本上，浏览器扩展具有比Web内容更多的权限。对于Chrome扩展程序，您可以选择启用跨源访问。

Basically browser extensions have more privileges than web content. In the case of Chrome extensions, there is an option to enable cross-origin access.

这篇关于使用POSTMAN时不会发生CORS问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！