发表新帖
发表新帖

how Postman send requests? ajax, same origin policy

后端 未结
关注
3 1007
自闭症患者
自闭症患者 2020-12-01 00:59

I have found this very useful Chrome extension called Postman. This is a very useful extension especially when you are into programming RESTful applications.

One thi

相关标签:
3条回答
  • 野性不改
    2020-12-01 01:06

    You can add the following header to sent Ajax request in postman.

    Content-Type      application/json

X-Requested-With  XMLHttpRequest

    Screenshot

    Credit to Orion

    0 讨论(0)
  • 臣服心动
    2020-12-01 01:10

    Chrome packaged apps can have cross domain permissions. When you install Postman it promts you that this app will access any domain.

    By placing */* in permissions section of your manifest file, you can do this.

    Read more here: https://developer.chrome.com/extensions/xhr.html

    0 讨论(0)
  • 长发绾君心
    2020-12-01 01:16

    Sounds like the site that hosts the poll (the "vote.php" script) needs to have an "Access-Control-Allow-Origin" header set to allow posting from a list of sites (or all sites).

    A value of * for the header will allow posting from any website:

    Access-Control-Allow-Origin: *

    i.e. You could put the following at the top of vote.php

    header('Access-Control-Allow-Origin: *');

    Chrome extensions and apps are not subject to the same security limitations placed on normal webpages.

    Additional debugging tips:

    If you're trying to access remote services from web pages you have open on your local file system in your browser, you might find your browser applies different security rules to them than it does to files served from a web service.

    e.g. If you open local files from a locational like C:\MyDocuments\weboot\index.htm (Windows) or \Users\joe\Sites\index.html (Mac) in your browser your AJAX request might not work, even with the header specified in most browsers.

    Apple's Safari applies almost no cross domain restrictions to files opened locally but Firefox is much more strict about what it permits, with Chrome somewhere in the middle. Running a web server locally (e.g. on http://localhost/) is a good idea to avoid unexpected behaviour.

    Additionally, other libraries that provide functions to handle Ajax requests (such as AngularJS) may require other headers to be set on the server by default. You can usually see the reason for failure in a browser debug console.

    0 讨论(0)
 看不清?
提交回复
热议问题