官术网_书友最值得收藏!

  • CORS Essentials
  • Rajesh Gunasundaram Randall Goya
  • 156字
  • 2021-07-09 19:53:41

Permissions required by JavaScript

Let's consider content scraping. You can write a content scraping script that reads the rendered DOM of an external URI and creates local DOM elements with the same content, without any special configurations.

But what if you first need to run a script on the external URI, for example, to find out whether the user is the same as on your local site? You cannot trigger that external script and return the results without cross-origin sharing via CORS or a similar method to get around the same-origin policy.

JavaScript data storage access is strictly limited by origin

JavaScript data stored in the browser as Local Storage, or in IndexedDB, is separated by origin. Each origin has distinct storage, and JavaScript in one origin cannot read from or written to storage belonging to another origin unless it is given explicit access to a script on another domain by CORS or a similar method.

主站蜘蛛池模板: 建平县| 金堂县| 呼和浩特市| 常熟市| 晋江市| 右玉县| 固原市| 龙门县| 乌拉特前旗| 保康县| 绥化市| 巴林左旗| 望谟县| 象山县| 安多县| 庄河市| 桂林市| 太仓市| 浦城县| 德江县| 山阳县| 崇信县| 连城县| 南雄市| 思南县| 略阳县| 灌阳县| 龙海市| 南江县| 东兴市| 襄城县| 新乡县| 遵义市| 墨江| 岫岩| 云龙县| 图木舒克市| 高清| 武穴市| 北宁市| 万州区|