Cross-Origin Resource Sharing

Cross-Origin Resource Sharing

Cross-Origin Resource Sharing (CORS) is a web browser technology specification, which defines ways for a web server to allow its resources be accessed by a web page from a different domain.[1] Such access would otherwise be forbidden by the same origin policy.

Contents

Browser support

CORS is supported by all browsers based on the following layout engines:

  • Gecko 1.9.1 (Firefox 3.5,[2] SeaMonkey 2.0[3]) and above
  • WebKit (Initial revision uncertain, Safari 4 and above,[1] Google Chrome 3 and above... possibly earlier[4])
  • MSHTML/Trident 4.0 (Internet Explorer 8) provides partial support via the XDomainRequest object.[1]

The following browsers are also noteworthy in their lack of CORS support:

  • No Presto-based browser implements CORS as of Opera 11.5, Opera Mobile 11.1, and Opera Mini Mini 6.0.[5]
  • Camino does not implement CORS in the 2.0.x release series as these versions are based on Gecko 1.9.0.[6]
  • As of version 0.10.2, Arora exposes WebKit's CORS-related APIs, but attempted cross-origin requests will fail.[7]

History

Cross-origin support was originally proposed by Matt Oshry, Brad Porter, and Michael Bodell of Tellme Networks in March 2004 for inclusion in VoiceXML 2.1[8] to allow safe cross-origin data requests by VoiceXML browsers. The mechanism was deemed general in nature and not specific to VoiceXML and was subsequently separated into an implementation NOTE.[9] The WebApps Working Group of the W3C with participation from the major browser vendors began to formalize the NOTE into a W3C Working Draft on track toward formal W3C Recommendation status.

CORS relationship to JSONP

CORS can be used as a modern alternative to the JSONP pattern. While JSONP supports only the GET request method, CORS also supports other types of HTTP requests. Using CORS enables a web programmer to use regular XMLHttpRequest which supports better error handling than JSONP. On the other hand, JSONP works on legacy browsers which preclude CORS support. CORS is supported by most modern web browsers.[10]

References

  1. ^ a b c http://hacks.mozilla.org/2009/07/cross-site-xmlhttprequest-with-cors/
  2. ^ https://developer.mozilla.org/En/HTTP_access_control
  3. ^ https://developer.mozilla.org/en/Gecko
  4. ^ http://osvdb.org/59940
  5. ^ http://caniuse.com/cors
  6. ^ http://forums-test.mozillazine.org/viewtopic.php?f=12&t=1579855
  7. ^ http://code.google.com/p/arora/issues/detail?id=904
  8. ^ http://www.w3.org/TR/2004/WD-voicexml21-20040323/
  9. ^ http://www.w3.org/TR/2005/NOTE-access-control-20050613/
  10. ^ http://www.nczonline.net/blog/2010/05/25/cross-domain-ajax-with-cross-origin-resource-sharing/

External links


Wikimedia Foundation. 2010.

Игры ⚽ Поможем решить контрольную работу

Look at other dictionaries:

  • Cross-origin resource sharing — Эту статью следует викифицировать. Пожалуйста, оформите её согласно правилам оформления статей …   Википедия

  • Resource Description Framework — Das Resource Description Framework (RDF, engl. (sinngemäß) „System zur Beschreibung von Ressourcen“) bezeichnet eine Familie von Standards des World Wide Web Consortiums (W3C) zur formalen Beschreibung von Informationen über Objekte, sogenannte… …   Deutsch Wikipedia

  • XMLHttpRequest — HTTP Persistence · Compression · HTTPS Request methods OPTIONS · GET · HEAD · POST · PUT · DELETE · TRACE · CONNECT Header fields Cookie · ETag · Location · Referer DNT · …   Wikipedia

  • Enterprise resource planning — (ERP) is the planning of how business resources (materials, employees, customers etc.) are acquired and moved from one state to another. An ERP system supports most of the business system that maintains in a single database the data needed for a… …   Wikipedia

  • History of Firefox — (category) Contents Firefox 10 · 11 · 12 Firefox 7 · 8 · 9 Firefox 4 · …   Wikipedia

  • Human resource management system — HRMS redirects here. For the ship prefix, see His/Her Dutch Majesty s Ship.A Human Resource Management System (HRMS, EHRMS), Human Resource Information System (HRIS), HR Technology or also called HR modules, refers to the systems and processes at …   Wikipedia

  • Web Ontology Language — Die Web Ontology Language (kurz OWL) ist eine Spezifikation des World Wide Web Consortiums (W3C), um Ontologien anhand einer formalen Beschreibungssprache erstellen, publizieren und verteilen zu können. Es geht darum, Termini einer Domäne und… …   Deutsch Wikipedia

  • XLink (Syntax) — XLink ist eine attributbasierte Syntax zur Definition von Links in XML Dokumenten. Ein XLink kann eine Verbindung von einem Punkt A zu einem Punkt B sein (ähnlich dem aus HTML bekanntem Hyperlink Element <a>). Sie können jedoch auch… …   Deutsch Wikipedia

  • RDF-Schema — Das Resource Description Framework Schema (RDFS) ist wie RDF eine W3C Empfehlung. Ebenso wie XML im konkreten Anwendungsfall die Definition eines speziellen Dokumenttyps benötigt, z. B. als Dokumenttypdefinition (DTD), legt das RDF Modell… …   Deutsch Wikipedia

  • XML Binding Language — XBL (XML Binding Language) ist eine XML basierte Auszeichnungssprache, mit der man das Verhalten und Aussehen von XML und HTML Elementen beschreiben kann. Dies geschieht über sogenannte Bindings (Bindungen) in XBL, die an ein solches Element… …   Deutsch Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”