{"json_modified": "2016-10-17T03:58:59.079620", "uuid": "88713266-019a-4db1-994d-c4a448616e96", "title": "HTTP access control (CORS)", "url": "/en-US/docs/Web/HTTP/Access_control_CORS", "tags": ["AJAX", "Same-origin policy", "Security", "XMLHttpRequest", "HTTP"], "translations": [{"uuid": "c97ca639-0d2a-4183-85a6-ce8785c226b2", "title": "Control de acceso HTTP (CORS)", "url": "/es/docs/Web/HTTP/Access_control_CORS", "tags": [], "summary": "Un recurso hace una <strong>solicitud HTTP de origen cruzado</strong> cuando solicita otro recurso de un dominio distinto al que pertenece. Por ejemplo, una p\u00e1gina HTML localizada en https://domain-a.com hace una solicitud <code><a href=\"/en-US/docs/Web/HTML/Element/Img#Attributes\">&lt;img&gt; src</a></code> a https://domain-b.com/image.jpg. Actualmente muchas p\u00e1ginas en la web cargan recursos como hojas de estilos CSS, im\u00e1genes y scripts de dominios separados.", "localization_tags": ["inprogress"], "locale": "es", "last_edit": "2016-07-27T08:24:32", "review_tags": []}, {"uuid": "be5dccb3-0b72-46c6-8520-1c90638475b2", "title": "Contr\u00f4le d'acc\u00e8s HTTP", "url": "/fr/docs/HTTP/Access_control_CORS", "tags": ["Firefox 3.5", "Same-origin policy", "XMLHttpRequest", "HTTP", "AJAX", "cross-site", "S\u00e9curit\u00e9", "Securit\u00e9"], "summary": "Les requ\u00eates HTTP de type <strong>Cross-site </strong>sont des requ\u00eates pour des ressources localis\u00e9es sur un domaine diff\u00e9rent de celui \u00e0 l'origine de la requ\u00eate. Par exemple, une ressource charg\u00e9e depuis le domaine A (<code><span class=\"nowiki\">https://domaina.example</span></code>) comme une page HTML, effectue une requ\u00eate pour\u00a0une ressource provenant du domaine B (<span class=\"nowiki\">https://domainb.foo</span>), comme une image,\u00a0en utilisant la balise\u00a0<code>img</code> (<code><span class=\"nowiki\"><a href=\"https://domainb.foo/image.jpg\">https://domainb.foo/image.jpg</a></span></code>).\u00a0 C'est r\u00e9guli\u00e8rement le cas aujourd'hui sur le web \u2014 des pages chargent\u00a0un nombre\u00a0de ressources \u00e0 la mani\u00e8re Cross-site, en ce inclus des feuilles de style (CSS), des images, des\u00a0scripts, et d'autres ressources.", "localization_tags": [], "locale": "fr", "last_edit": "2016-10-05T13:00:32", "review_tags": []}, {"uuid": "f21d3550-c585-43f2-85b8-ee2ddf5bbc60", "title": "HTTP \u30a2\u30af\u30bb\u30b9\u5236\u5fa1 (CORS)", "url": "/ja/docs/Web/HTTP/HTTP_access_control", "tags": ["Firefox 3.5", "NeedsBrowserAgnostic", "Same-origin policy", "Security", "XMLHttpRequest", "HTTP", "AJAX"], "summary": "\u3042\u308b\u30ea\u30bd\u30fc\u30b9\u304c\u3001\u59cb\u3081\u306b\u81ea\u8eab\u3092\u63d0\u4f9b\u3057\u305f\u30c9\u30e1\u30a4\u30f3\u3068\u306f\u7570\u306a\u308b\u30c9\u30e1\u30a4\u30f3\u306e\u30ea\u30bd\u30fc\u30b9\u3092\u8981\u6c42\u3059\u308b\u3068\u304d\u3001\u305d\u306e\u30ea\u30bd\u30fc\u30b9\u306f<strong>\u30af\u30ed\u30b9\u30aa\u30ea\u30b8\u30f3 HTTP \u30ea\u30af\u30a8\u30b9\u30c8</strong>\u3092\u884c\u3044\u307e\u3059\u3002\u4f8b\u3048\u3070 https://domain-a.com \u304b\u3089\u8aad\u307f\u8fbc\u307e\u308c\u305f HTML \u30da\u30fc\u30b8\u304c\u3001https://domain-b.com/image.jpg \u306b\u5bfe\u3057\u3066 <code><a href=\"/ja/docs/Web/HTML/Element/Img#Attributes\">&lt;img&gt; src</a></code> \u3067\u30ea\u30af\u30a8\u30b9\u30c8\u3092\u884c\u3046\u5834\u5408\u3067\u3059\u3002\u4eca\u65e5\u306e Web \u4e0a\u3067\u306f\u3001\u591a\u304f\u306e\u30da\u30fc\u30b8\u304c CSS \u30b9\u30bf\u30a4\u30eb\u30b7\u30fc\u30c8\u3084\u753b\u50cf\u3001\u30b9\u30af\u30ea\u30d7\u30c8\u3068\u3044\u3063\u305f\u30ea\u30bd\u30fc\u30b9\u3092\u5225\u306e\u30c9\u30e1\u30a4\u30f3\u304b\u3089\u8aad\u307f\u8fbc\u3093\u3067\u3044\u307e\u3059\u3002", "localization_tags": [], "locale": "ja", "last_edit": "2016-08-15T02:50:44", "review_tags": []}, {"uuid": "ced8744e-a9ed-497c-9305-76ab5f4f6e05", "title": "HTTP \uc811\uadfc \uc81c\uc5b4 (CORS)", "url": "/ko/docs/Web/HTTP/Access_control_CORS", "tags": [], "summary": "\ucc98\uc74c \uc11c\ube0c\ub418\ub294 \ub9ac\uc18c\uc2a4\uc758 \ub3c4\uba54\uc778\uacfc \ub2e4\ub978 \ub3c4\uba54\uc778\uc73c\ub85c\ubd80\ud130 \ub9ac\uc18c\uc2a4\uac00 \uc694\uccad\ub420 \uacbd\uc6b0 \ud574\ub2f9 \ub9ac\uc18c\uc2a4\ub294 <strong>cross-origin HTTP \uc694\uccad</strong>\uc5d0 \uc758\ud574 \uc694\uccad\ub429\ub2c8\ub2e4.\u00a0\uc608\ub97c \ub4e4\uc5b4, https://domain-a.com\uc73c\ub85c\ubd80\ud130 \uc11c\ube0c\ub418\ub294\u00a0HTML \ud398\uc774\uc9c0\uac00\u00a0<code><a href=\"/en-US/docs/Web/HTML/Element/Img#Attributes\">&lt;img&gt; src</a></code>\u00a0\uc18d\uc131\uc744 \ud1b5\ud574\u00a0https://domain-b.com/image.jpg\ub97c \uc694\uccad\ud558\ub294 \uacbd\uc6b0\uac00 \uc788\uc2b5\ub2c8\ub2e4. \uc624\ub298\ub0a0 \ub9ce\uc740 \uc6f9 \ud398\uc774\uc9c0\ub4e4\uc740 CSS \uc2a4\ud0c0\uc77c\uc2dc\ud2b8, \uc774\ubbf8\uc9c0, \uadf8\ub9ac\uace0 \uc2a4\ud06c\ub9bd\ud2b8\uc640 \uac19\uc740 \ub9ac\uc18c\uc2a4\ub4e4\uc744 \uac01\uac01\uc758\u00a0\ucd9c\ucc98\ub85c\ubd80\ud130 \uc77d\uc5b4\uc635\ub2c8\ub2e4.", "localization_tags": ["inprogress"], "locale": "ko", "last_edit": "2016-09-11T05:49:30", "review_tags": []}, {"uuid": "530d2872-5ade-4f78-888c-6f567bfb58dd", "title": "HTTP\u8bbf\u95ee\u63a7\u5236(CORS)", "url": "/zh-CN/docs/Web/HTTP/Access_control_CORS", "tags": [], "summary": "\u4e00\u4e2a\u8d44\u6e90\u4f1a<font>\u53d1\u8d77</font>\u4e00\u4e2a\u8de8\u57dfHTTP\u8bf7\u6c42<font>(Cross-site HTTP request),\u00a0\u5f53\u5b83\u8bf7\u6c42\u7684\u4e00\u4e2a\u8d44\u6e90\u662f\u4ece\u4e00\u4e2a\u4e0e</font>\u5b83\u672c\u8eab\u63d0\u4f9b\u7684\u7b2c\u4e00\u4e2a\u8d44\u6e90\u7684<font>\u4e0d\u540c\u7684\u57df\u540d\u65f6\u00a0</font>\u3002", "localization_tags": [], "locale": "zh-CN", "last_edit": "2016-08-08T21:29:09", "review_tags": []}, {"uuid": "354f1d55-2ad3-4ab1-a931-7dde5782d9a9", "title": "HTTP access control (CORS)", "url": "/zh-TW/docs/HTTP/Access_control_CORS", "tags": [], "summary": "\u6240\u8b02\u8de8\u7ad9HTTP\u8acb\u6c42(Cross-site HTTP request)\u662f\u6307\u767c\u51fa\u8acb\u6c42\u6240\u5728\u7db2\u57df\u4e0d\u540c\u65bc\u8acb\u6c42\u6240\u6307\u5411\u4e4b\u7db2\u57df\u7684<a href=\"/en/HTTP\" title=\"en/HTTP\">HTTP</a>\u8acb\u6c42\uff0c\u4f8b\u5982\u7db2\u57dfA(https://domaina.example)\u7684\u7db2\u9801\u8f09\u5165\u4e00\u500b&lt;img&gt;\u5143\u7d20\u5411\u7db2\u57dfB(https://domainb.foo)\u8acb\u6c42\u5f71\u50cf\u8cc7\u6e90(https://domainb.foo/image.jpg)\u3002\u9019\u7a2e\u4f5c\u6cd5\u5728\u73fe\u4eca\u5404\u7db2\u9801\u76f8\u7576\u5e38\u898b\uff0c\u7db2\u9801\u5e38\u5e38\u6703\u8f09\u5165\u5176\u4ed6\u7db2\u7ad9\u8cc7\u6e90\uff0c\u50cf\u662fCSS\u6a23\u5f0f\u8868\u3001\u5f71\u50cf\u3001\u7a0b\u5f0f\u78bc\u7b49\u7b49\u8cc7\u6e90\u3002", "localization_tags": [], "locale": "zh-TW", "last_edit": "2016-08-09T09:50:15", "review_tags": []}], "modified": "2016-10-17T03:58:57", "label": "HTTP access control (CORS)", "localization_tags": [], "locale": "en-US", "id": 1617, "last_edit": "2016-10-17T03:58:47", "summary": "A resource makes a <strong>cross-origin HTTP request</strong> when it requests a resource from a different domain than the one which the first resource itself serves. For example, an HTML page served from https://domain-a.com makes an <code><a href=\"/en-US/docs/Web/HTML/Element/Img#Attributes\">&lt;img&gt; src</a></code> request for https://domain-b.com/image.jpg. Many pages on the web today load resources like CSS\u00a0stylesheets, images and scripts from separate domains.", "sections": [{"id": "Quick_Links", "title": null}, {"id": "Overview", "title": "Overview"}, {"id": "Examples_of_access_control_scenarios", "title": "Examples of access control scenarios"}, {"id": "Simple_requests", "title": "Simple requests"}, {"id": "Preflighted_requests", "title": "Preflighted requests"}, {"id": "Requests_with_credentials", "title": "Requests with credentials"}, {"id": "The_HTTP_response_headers", "title": "The HTTP response headers"}, {"id": "Access-Control-Allow-Origin", "title": "Access-Control-Allow-Origin"}, {"id": "Access-Control-Expose-Headers", "title": "Access-Control-Expose-Headers"}, {"id": "Access-Control-Max-Age", "title": "Access-Control-Max-Age"}, {"id": "Access-Control-Allow-Credentials", "title": "Access-Control-Allow-Credentials"}, {"id": "Access-Control-Allow-Methods", "title": "Access-Control-Allow-Methods"}, {"id": "Access-Control-Allow-Headers", "title": "Access-Control-Allow-Headers"}, {"id": "The_HTTP_request_headers", "title": "The HTTP request headers"}, {"id": "Origin", "title": "Origin"}, {"id": "Access-Control-Request-Method", "title": "Access-Control-Request-Method"}, {"id": "Access-Control-Request-Headers", "title": "Access-Control-Request-Headers"}, {"id": "Specifications", "title": "Specifications"}, {"id": "Browser_compatibility", "title": "Browser compatibility"}, {"id": "Compatibility_notes", "title": "Compatibility notes"}, {"id": "See_also", "title": "See also"}], "slug": "Web/HTTP/Access_control_CORS", "review_tags": []}