Baseline Widely available
Access-Control-Allow-Credentials ã¬ã¹ãã³ã¹ãããã¼ã¯ããªã¯ã¨ã¹ãã®è³æ ¼æ
å ±ã¢ã¼ã (Request.credentials) ã include ã§ããå ´åã«ãã¬ã¹ãã³ã¹ãããã³ãã¨ã³ãã® JavaScript ã³ã¼ãã«å
¬éãããã©ããããã©ã¦ã¶ã¼ã«æ示ãã¾ãã
証ææ¸ã®è³æ ¼æ
å ±ã¢ã¼ã (Request.credentials) ã include ã§ããå ´åãã¬ã¹ãã³ã¹ãããã³ãã¨ã³ãã® JavaScript ã³ã¼ãã«å
¬éãããã®ã¯ Access-Control-Allow-Credentials ã®å¤ã true ã§ããå ´åã®ã¿ã§ãã
è³æ ¼æ å ±ã¯ Cookieãèªè¨¼ãããã¼ãã¾ã㯠TLS ã¯ã©ã¤ã¢ã³ã証ææ¸ã§ãã
ããªãã©ã¤ããªã¯ã¨ã¹ãã«å¯¾ããã¬ã¹ãã³ã¹ã®ä¸é¨ã¨ãã¦ä½¿ç¨ãããå ´åã¯ãå®éã®ãªã¯ã¨ã¹ããè³æ ¼æ
å ±ã使ç¨ãã¦è¡ãããå¯è½æ§ããããã©ããã示ãã¾ãããªããåç´ãª GET ãªã¯ã¨ã¹ãã¯ããªãã©ã¤ããè¡ãããªãã®ã§ãè³æ ¼æ
å ±ãæã¤ãªã½ã¼ã¹ã«å¯¾ãã¦ãªã¯ã¨ã¹ããè¡ãããå ´åããã®ãããã¼ããªã½ã¼ã¹ã¨ã¨ãã«è¿ãããªãå ´åãã¬ã¹ãã³ã¹ã¯ãã©ã¦ã¶ã¼ã«ãã£ã¦ç¡è¦ããã¦ã§ãã³ã³ãã³ãã¯è¿ããã¾ããã
Access-Control-Allow-Credentials ãããã¼ã¯ã XMLHttpRequest.withCredentials ããããã£ã¾ã㯠Fetch API ã® Request() ã³ã³ã¹ãã©ã¯ã¿ã¼å
ã® credentials ãªãã·ã§ã³ã¨ã®çµã¿åããã§åä½ãã¾ããè³æ ¼æ
å ±ãå«ã CORS ãªã¯ã¨ã¹ãã«ããã¦ããã©ã¦ã¶ã¼ãã¬ã¹ãã³ã¹ã JavaScript ã³ã¼ãã«å
¬éããããã«ããããã«ã¯ããµã¼ãã¼å´ (Access-Control-Allow-Credentials ãããã¼ã使ç¨) ã¨ã¯ã©ã¤ã¢ã³ãå´ (XHR, Fetch Ajax ãªã¯ã¨ã¹ãã®è³æ ¼æ
å ±ã¢ã¼ãã®è¨å®) ã®ä¸¡æ¹ããè³æ ¼æ
å ±ãå«ããã¨ãæ¿èªããªããã°ãªãã¾ããã
Access-Control-Allow-Credentials: trueãã£ã¬ã¯ãã£ã
ãã®ãããã¼ã®å¯ä¸ã®æå¹ãªå¤ã¯ true ã§ã (大æåå°æåãåºå¥ãã¾ã)ãè³æ ¼æ
å ±ãå¿
è¦ã¨ããªãå ´åã¯ã (å¤ã false ã«è¨å®ããã®ã§ã¯ãªã) ãã®ãããã¼ãå®å
¨ã«çç¥ãã¾ãã
è³æ ¼æ å ±ã®è¨±å¯:
Access-Control-Allow-Credentials: true
XHR ãè³æ ¼æ å ±ä»ãã§ä½¿ç¨:
var xhr = new XMLHttpRequest();
xhr.open("GET", "http://example.com/", true);
xhr.withCredentials = true;
xhr.send(null);
Fetch ãè³æ ¼æ å ±ä»ãã§ä½¿ç¨:
fetch(url, {
credentials: "include",
});
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4