本文介绍了如何识别CORS预检请求?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
CORS预检请求显然使用OPTIONS方法,并具有Origin标头。但是,浏览器可以决定任何 HTTP请求以添加Origin标头。此外,OPTIONS可以用于除CORS之外的其他功能。 (如何)我可以确定是否一个请求是CORS预检请求的完全(没有假阳性或否定)?
A CORS preflight request obviously uses the OPTIONS method and has an Origin header. However, a browser can decide for any HTTP request to add an Origin header. Also, OPTIONS may be used for other functionality than CORS. (How) Can I identify exactly (without false positives or negatives) whether a request is a CORS preflight request?
推荐答案检查访问控制 - 请求方法头。在预检请求以外的请求中发送它是没有意义的。
Check for the Access-Control-Request-Method header. It would not make much sense to send it in a request other than the preflight request.
更多推荐
如何识别CORS预检请求?
发布评论