- CORS Essentials
- Rajesh Gunasundaram Randall Goya
- 209字
- 2021-07-09 19:53:41
Considering the origin of entities
Access to DOM elements is allowed only when the request scheme, hostname, and port number match those of the current URI. A subdomain cannot share DOM elements with the parent domain.
- Scheme in web applications is typically
http://orhttps:// - Hostname is typically the domain name plus TLD, or the unique IP address
- Port number:
- Typically, port
80is implicit inhttp:// 443for SSL overhttps://
- Typically, port
If the Scheme, Hostname, and port number do not match the DOM element, then resource sharing is prohibited as they do not share the same origin. Considering the domain http://www.example.com, the following table provides various combinations of matching and mismatching origins:
Internet Explorer exception policy
Internet Explorer (IE) implements two major differences when it comes to the same-origin policy:
- IE Trust Zones allow different domains: If both domains are in a highly trusted zone, then the same-origin policy limitations are not applied.
- Port is ignored: IE ignores the port in same origin components. These URIs are considered from the same origin:
推薦閱讀
- 公有云容器化指南:騰訊云TKE實戰(zhàn)與應(yīng)用
- Python絕技:運用Python成為頂級數(shù)據(jù)工程師
- Effective Amazon Machine Learning
- InfluxDB原理與實戰(zhàn)
- Live Longer with AI
- Mockito Cookbook
- Ceph源碼分析
- 基于OPAC日志的高校圖書館用戶信息需求與檢索行為研究
- 數(shù)據(jù)庫原理與應(yīng)用
- Chef Essentials
- Augmented Reality using Appcelerator Titanium Starter
- R Machine Learning Essentials
- 數(shù)據(jù)指標(biāo)體系:構(gòu)建方法與應(yīng)用實踐
- Scratch 2.0 Game Development HOTSHOT
- Microsoft Dynamics NAV 2015 Professional Reporting