jeena/en.javascript.info
1
0
Fork 0
Code Issues Pull requests Projects Packages Wiki Activity Actions

addition-of-third-header-in-list

Browse source
This commit is contained in:
Manik Kapoor 2021-12-13 18:28:58 +05:30
parent cbdb2187c0
commit 92a8a4050a
1 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
5-network/05-fetch-crossorigin/article.md
View file

@ -207,10 +207,11 @@ Some time ago no one could even imagine that a webpage could make such requests.
So, to avoid misunderstandings, any "unsafe" request -- that couldn't be done in the old times, the browser does not make such requests right away. First, it sends a preliminary, so-called "preflight" request, to ask for permission. So, to avoid misunderstandings, any "unsafe" request -- that couldn't be done in the old times, the browser does not make such requests right away. First, it sends a preliminary, so-called "preflight" request, to ask for permission.
A preflight request uses the method `OPTIONS`, no body and two headers: A preflight request uses the method `OPTIONS`, no body and three headers:
- `Access-Control-Request-Method` header has the method of the unsafe request. - `Access-Control-Request-Method` header has the method of the unsafe request.
- `Access-Control-Request-Headers` header provides a comma-separated list of its unsafe HTTP-headers. - `Access-Control-Request-Headers` header provides a comma-separated list of its unsafe HTTP-headers.
- `ORIGIN` header tells from where the request came. (such as `https://javascript.info`)
If the server agrees to serve the requests, then it should respond with empty body, status 200 and headers: If the server agrees to serve the requests, then it should respond with empty body, status 200 and headers: