被CORS策略阻止,但仍在执行帖子请求,如何?
我使用nodejs在Localhost端口3000上运行了一台服务器。
在那里,我链接了一个数据库,并有2种基本的帖子方法(创建和删除)*。
*(我没有为请求标头写任何额外的检查)
我很想知道如果只有客户端JS(带有虚拟HTML页面)可以自己执行删除!
我写了 this 在客户端JS中(在单独的目录中)
After trying the POST Delete operation like this , I got this ERROR但是即使提出了错误,“删除操作”仍然可以成功地执行,并且具有特定ID的数据已删除!
我的问题是。
I had a server running on localhost port 3000 using NodeJs.
There I had a database linked and had 2 basic POST methods (Create and Delete)*.
*(I had not written any extra checking for request headers)
I was curious to know if only client-side JS (with a dummy HTML page) can perform the deletion by itself!
I wrote THIS in the client-side js (in a separate directory )
After trying the POST Delete operation like this ,
I got this ERROR
But even though error was raised, the "Deletion Operation" was still performed succesfully and the data with the specific id was deleted!
My Question is "what exactly is blocked if it was not the deletion operation ?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
使用CORS,服务器侧永远不会阻止请求。它只会指示浏览器在可能的情况下不要发送请求(带有前飞行)。
https://deverice.mozilla.mozilla.org/en-us/docs/ Web/http/cors
With CORS, requests are never blocked on server-side. It will only instruct the browser to not send the requests if possible (with PRE-FLIGHT).
https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS