![]() ![]() So the communication with the iframe was technically possible. To be precise, there were actually tricks for that, they required special scripts at both the iframe and the page. But as it’s forbidden to access the content of an from another site, it wasn’t possible to read the response. So, it was possible to make a GET/POST request to another site, even without networking methods, as forms can send data anywhere. People submitted it into, just to stay on the current page, like this: One way to communicate with another server was to submit a there. A variety of tricks were invented to work around the limitation and make requests to other websites. It was a toy language to decorate a web page.īut web developers demanded more power. JavaScript also did not have any special methods to perform network requests at that time. ![]() an evil script from website could not access the user’s mailbox at website. ![]() That simple, yet powerful rule was a foundation of the internet security. Let’s make a very brief historical digression.įor many years a script from one site could not access the content of another site. Why is CORS needed? A brief historyĬORS exists to protect the internet from evil hackers. That policy is called “CORS”: Cross-Origin Resource Sharing. The core concept here is origin – a domain/port/protocol triplet.Ĭross-origin requests – those sent to another domain (even a subdomain) or protocol or port – require special headers from the remote side. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |