如何在 Firefox 上允许 CORS?
我在 Chrome 和 Internet Explorer 上轻松管理它,但我在 Firefox 上完全失败.我编辑了以下 about:config 条目
security.fileuri.strict_origin_policy = false此尝试已在此处多次发布,并且在其他网站上也有提及,但没有任何效果.我阅读了关于 同源政策的 Mozilla 指南:
跨源资源共享 (CORS)
但它只是解释了 CORS 和相关主题.未列出在 Firefox 上启用它的解决方法.
有明确的解决方案吗?
PS:FORCECORS 也以某种方式不起作用......
解决方案对浏览器不做任何处理.CORS 支持所有现代浏览器(以及自 Firefox 3.5 起).
JavaScript 访问的服务器必须通过 CORS HTTP 响应标头向托管 JS 运行的 HTML 文档的站点授予权限.
security.fileuri.strict_origin_policy 用于让本地 HTML 文档中的 JS 访问您的整个硬盘.不要将其设置为 false,因为它会使您容易受到来自下载的 HTML 文档(包括电子邮件附件)的攻击.
How can I allow CORS on Firefox?
I easily managed it on Chrome and Internet Explorer, but I am totally failing at it with Firefox. I edited the following about:config entry
security.fileuri.strict_origin_policy = falseThis attempt has been posted several times here and is told on other sites too, but it doesn't have any effect. I read the Mozilla guide to same-origin policies:
Cross-Origin Resource Sharing (CORS)
but it just explains CORS and the related topics. A workaround to enable it on Firefox is not listed.
Is there a definitive solution?
PS: FORCECORS does not work either somehow...
解决方案Do nothing to the browser. CORS is supported by default on all modern browsers (and since Firefox 3.5).
The server being accessed by JavaScript has to give the site hosting the HTML document in which the JS is running permission via CORS HTTP response headers.
security.fileuri.strict_origin_policy is used to give JS in local HTML documents access to your entire hard disk. Don't set it to false as it makes you vulnerable to attacks from downloaded HTML documents (including email attachments).
更多推荐
如何在 Firefox 上启用 CORS
发布评论