1. Brief the Http request
1. The composition of the URL
Such as: juejin. Cn/editor/draf…
Scheme: HTTPS. HTTP and HTTPS are both web request protocols.
Host name: juejin. Cn, or IP+ port number
Path: starts from the first slash (/) after the domain name and ends with the last slash (/).
Parameter (Query) : starts from “? The part between the beginning and “#” is the parameter part.
HTTP default port 80, HTTPS default port 443, and encrypt all request or response headers (except IP requests)
Request header
IP address, Content-Type, Cookie, cache-Control
3. Cross-domain resource sharing -CORS
The same-origin security policy disallows some cross-domain requests, especially Ajax requests, and always allows same-origin requests. CORS defines how browsers and servers can interact and determines whether it is safe to allow cross-domain requests.
Access-control-allow-origin – Contains the host name that allows cross-domain requests to be sent. If this does not match the host name of the user’s site, the cross-domain request will be rejected.
Access-control-allow-credentials – If true in the response header, the cross-domain request contains Cookie headers.
Access-control-allow-methods – This is a comma-separated string that tells the browser which request Methods are allowed in cross-domain requests. If the request method is not included in this response header, the request will not be sent.