What is the difference between cors and ajax
The difference between cors and ajax is: when cors makes a request, several keywords will be added to the HTTP request header to indicate that the current request is a cross-domain request, but these keywords will not be added when making an ajax request; cors is the abbreviation of "Cross-origin resource sharing", which means cross-origin resource sharing.
The operating environment of this article: windows10 system, javascript1.8.5&&html5 version, Dell G3 computer.
The difference between CORS and Ajax:
There is no difference between CORS and Ajax when sending requests. They are both http requests. The only difference is the CORS request. When , several keywords will be added to the http request header to indicate that the current request is a cross-domain request.
Extended knowledge:
CORS is a W3C standard, the full name is "Cross-origin resource sharing". We know that there is a cross-domain problem when using a browser to send http requests (ajax). The current mainstream cross-domain solution is CORS.
It is particularly emphasized here that the cross-domain we often talk about is only a limitation of the browser. If we use a script to send a request or request through a server, there will be no cross-domain problems. The main reason for this is that the browser uses The threshold is very low. In order to prevent people with ulterior motives from attacking ordinary users, cross-domain policies are introduced
CORS Introduction
CORS was released by W3C on January 16, 2014 A formally recommended communication standard that mainly solves the problem of user agent web applications accessing resources and obtaining data from another site through Ajax or other mechanisms.
Premise: The server needs to add related functions that support CORS, that is, set the allowed value of Access-Control-Allow-Origin of http
CORS communication is completed by the browser, no need User participation. By default, browsing communicates through Ajax. If the browser detects that the current request is cross-domain when sending a request, it will automatically convert to CORS
two request modes of CORS
Browsers divide CORS requests into two categories: simple requests and non-simple requests
Simple requests are to request data using the set request method
Non-simple requests Before requesting data using the set request method, an OPTIONS request is first sent to see if the server allows the client to send non-simple requests. Only after the "preflight" is passed will another request be sent for data transmission
As long as the following two conditions are met at the same time, it is a simple request.
Condition 1:
The request method is one of the following three methods:
HEAD
GET
POST
Condition 2:
HTTP header information does not exceed the following fields:
Accept Accept-Language Content-Language Last-Event-ID Content-Type:只限于三个值application/x-www-form-urlencoded、multipart/form-data、text/plain
Simple request
A simple request is that the browser directly sends a CORS request (ajax request). Before sending, the browser will add a request header Origin
to this http request. In the header information above, the Origin field is used to indicate which source this request comes from (protocol domain name port). The server decides whether to agree to the request based on this value.
Non-simple request
A non-simple request is to send an OPTIONS request before sending the request, and check in advance whether the request is allowed. The main purpose is to prevent cross-domain The request destroys or steals background data. Simple requests are less secure. The server returns the data after processing the request. In non-simple request mode, the server should not process the request during early detection.
[Related tutorial recommendations: AJAX video tutorial]
The above is the detailed content of What is the difference between cors and ajax. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1392
52
How to solve the 403 error encountered by jQuery AJAX request
Feb 20, 2024 am 10:07 AM
Title: Methods and code examples to resolve 403 errors in jQuery AJAX requests. The 403 error refers to a request that the server prohibits access to a resource. This error usually occurs because the request lacks permissions or is rejected by the server. When making jQueryAJAX requests, you sometimes encounter this situation. This article will introduce how to solve this problem and provide code examples. Solution: Check permissions: First ensure that the requested URL address is correct and verify that you have sufficient permissions to access the resource.
How to solve jQuery AJAX request 403 error
Feb 19, 2024 pm 05:55 PM
jQuery is a popular JavaScript library used to simplify client-side development. AJAX is a technology that sends asynchronous requests and interacts with the server without reloading the entire web page. However, when using jQuery to make AJAX requests, you sometimes encounter 403 errors. 403 errors are usually server-denied access errors, possibly due to security policy or permission issues. In this article, we will discuss how to resolve jQueryAJAX request encountering 403 error
PHP and Ajax: Building an autocomplete suggestion engine
Jun 02, 2024 pm 08:39 PM
Build an autocomplete suggestion engine using PHP and Ajax: Server-side script: handles Ajax requests and returns suggestions (autocomplete.php). Client script: Send Ajax request and display suggestions (autocomplete.js). Practical case: Include script in HTML page and specify search-input element identifier.
How to solve the problem of jQuery AJAX error 403?
Feb 23, 2024 pm 04:27 PM
How to solve the problem of jQueryAJAX error 403? When developing web applications, jQuery is often used to send asynchronous requests. However, sometimes you may encounter error code 403 when using jQueryAJAX, indicating that access is forbidden by the server. This is usually caused by server-side security settings, but there are ways to work around it. This article will introduce how to solve the problem of jQueryAJAX error 403 and provide specific code examples. 1. to make
How to get variables from PHP method using Ajax?
Mar 09, 2024 pm 05:36 PM
Using Ajax to obtain variables from PHP methods is a common scenario in web development. Through Ajax, the page can be dynamically obtained without refreshing the data. In this article, we will introduce how to use Ajax to get variables from PHP methods, and provide specific code examples. First, we need to write a PHP file to handle the Ajax request and return the required variables. Here is sample code for a simple PHP file getData.php:
PHP vs. Ajax: Solutions for creating dynamically loaded content
Jun 06, 2024 pm 01:12 PM
Ajax (Asynchronous JavaScript and XML) allows adding dynamic content without reloading the page. Using PHP and Ajax, you can dynamically load a product list: HTML creates a page with a container element, and the Ajax request adds the data to that element after loading it. JavaScript uses Ajax to send a request to the server through XMLHttpRequest to obtain product data in JSON format from the server. PHP uses MySQL to query product data from the database and encode it into JSON format. JavaScript parses the JSON data and displays it in the page container. Clicking the button triggers an Ajax request to load the product list.
What are the ajax versions?
Nov 22, 2023 pm 02:00 PM
Ajax is not a specific version, but a technology that uses a collection of technologies to asynchronously load and update web page content. Ajax does not have a specific version number, but there are some variations or extensions of ajax: 1. jQuery AJAX; 2. Axios; 3. Fetch API; 4. JSONP; 5. XMLHttpRequest Level 2; 6. WebSockets; 7. Server-Sent Events; 8, GraphQL, etc.
PHP and Ajax: Ways to Improve Ajax Security
Jun 01, 2024 am 09:34 AM
In order to improve Ajax security, there are several methods: CSRF protection: generate a token and send it to the client, add it to the server side in the request for verification. XSS protection: Use htmlspecialchars() to filter input to prevent malicious script injection. Content-Security-Policy header: Restrict the loading of malicious resources and specify the sources from which scripts and style sheets are allowed to be loaded. Validate server-side input: Validate input received from Ajax requests to prevent attackers from exploiting input vulnerabilities. Use secure Ajax libraries: Take advantage of automatic CSRF protection modules provided by libraries such as jQuery.
