跨域请求

1.跨域请求

CORS即Cross Origin Resource Sharing 跨域资源共享，

那么跨域请求还分为两种，一种叫简单请求，一种是复杂请求~~

1.1简单请求

HTTP方法是下列方法之一
　　HEAD， GET，POST

HTTP头信息不超出如下几种字段
　　Accept， Accept-Language， Content-Language， Last-Event-ID
　　Content-Type只能是下列类型中的一个
　　　　application/x-www-from-urlencoded
　　　　multipart/form-data
　　　　text/plain

任何一个不知足上述要求的请求，即会被认为是复杂请求~~
复杂请求会先发出一个预请求，咱们也叫预检，OPTIONS请求~~

demo.html

<!DOCTYPE html>
<html lang="en">

<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>Title</title>
    <script src="https://cdn.jsdelivr.net/npm/vue/dist/vue.js"></script>
    <script src="https://cdn.bootcss.com/axios/0.19.0-beta.1/axios.js"></script>
    <script>
        function handlerResponse(data) {
            console.log(data)
        }
    </script>
{#    <script src="http://127.0.0.1:8000/demo/"></script>#}
</head>
<body>
<div id="app">

</div>
<script>
    const app = new Vue({
        el: "#app",
        mounted(){
            axios.request({
                url: "http://127.0.0.1:8000/demo/",
                method: "PUT"

            }).then(function (data) {
                console.log("data----------",data)
            })
        }
    })
</script>

</body>
</html>

views.py

from django.shortcuts import render
from django.http import HttpResponse
from rest_framework.views import APIView
from rest_framework.response import Response

# Create your views here.

class DemoView(APIView):
    def get(self, request):
        res = "handlerResponse('跨域测试')"
        # res = "ce测试"
        return HttpResponse(res)

    def put(self, request):
        return Response("put接口测试")

    def post(self, request):
        return Response("POST接口测试")

1.2浏览器的同源策略

跨域是由于浏览器的同源策略致使的，也就是说浏览器会阻止非同源的请求~

那什么是非同源呢~~即域名不一样，端口不一样都属于非同源的~~~

浏览器只阻止表单以及ajax请求，并不会阻止src请求，因此咱们的cnd，图片等src请求均可以发~~

1.3jsonp解决跨域

class DemoView(APIView):
    def get(self, request):
        #前端书写了handlerResponse函数，来处理数据
        res = "handlerResponse('跨域测试')"
        # res = "ce测试"
        return HttpResponse(res)

1.4中间件解决跨域

上面的方式知道便可，不怎么使用了

settings.py

MIDDLEWARE = [
    'untitled.middlewares.MyCors',
]

middlewares.py

from django.middleware.security import SecurityMiddleware
from django.utils.deprecation import MiddlewareMixin

class MyCors(MiddlewareMixin):

    def process_response(self, request, response):
        # 哪些域不拦截
        response["Access-Control-Allow-Origin"] = "*"
        if request.method == "OPTIONS":
            response["Access-Control-Allow-Methods"] = "PUT, DELETE"
            response["Access-Control-Allow-Headers"] = "content-type"
        return response

views.py

from django.shortcuts import render
from django.http import HttpResponse
from rest_framework.views import APIView
from rest_framework.response import Response

# Create your views here.

class DemoView(APIView):
    def get(self, request):
        res = "handlerResponse('跨域测试')"
        # res = "ce测试"
        return HttpResponse(res)

    def put(self, request):
        return Response("put接口测试")

    def post(self, request):
        return Response("POST接口测试")

demo.html

<!DOCTYPE html>
<html lang="en">

<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <title>Title</title>
    <script src="https://cdn.jsdelivr.net/npm/vue/dist/vue.js"></script>
    <script src="https://cdn.bootcss.com/axios/0.19.0-beta.1/axios.js"></script>
    <script>

    </script>

</head>
<body>
<div id="app">

</div>
<script>
const app = new Vue({
        el: "#app",
        mounted(){
            axios.request({
                url: "http://127.0.0.1:8000/demo/",
                method: "POST",
                data: {
                    "name": "Alex"
                }
            }).then(function (data) {
                console.log(data)
            })
        }
    })
</script>

</body>
</html>