couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Couchdb Wiki] Update of "CORS" by DaveCottlehuber
Date Mon, 05 Nov 2012 12:49:40 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Couchdb Wiki" for change notification.

The "CORS" page has been changed by DaveCottlehuber:
http://wiki.apache.org/couchdb/CORS?action=diff&rev1=4&rev2=5

   * dev list [[http://markmail.org/message/wzdge2nb3xkaqzlk|announcement]] from @benoitc
   * JIRA [[https://issues.apache.org/jira/browse/COUCHDB-431]]
  
- == CORS References ==
- 
-  * [[http://www.w3.org/TR/cors/]] CORS standard
-  * [[http://tools.ietf.org/html/rfc6454]] Definition of Origin
-  * [[http://hacks.mozilla.org/2009/07/cross-site-xmlhttprequest-with-cors/]]
-  * [[https://developer.mozilla.org/En/HTTP_access_control]]
-  * [[https://developer.mozilla.org/En/Server-Side_Access_Control]]
-  * [[https://developer.mozilla.org/en-US/docs/Same_origin_policy_for_JavaScript]]
- 
- == Client-side CORS support and usage ==
- 
-  * [[http://caniuse.com/cors]] covers browser support
-  * [[http://www.html5rocks.com/en/tutorials/cors/]] has a nice example
-  * [[http://www.kendoui.com/blogs/teamblog/posts/11-10-03/using_cors_with_all_modern_browsers.aspx]]
- 
- Note that at least IE >= 8 does not support pre-flight.
- 
  = Features =
  
-  * simple requests for a couchdb instance
+  * Simple requests for a couchdb instance
-  * preflight requests for a couchdb instance
+  * Preflight requests for a couchdb instance
-  * configuration for a specific CouchDB vhost
+  * Configuration for a specific CouchDB vhost
-  * all origins are matched by default
+  * All origins are excluded by default
  
  = Configuration =
  
@@ -102, +85 @@

  
  TODO
  
+ = Testing Your Implementation =
+ 
+ The following snippet was lifted from [[http://www.html5rocks.com/en/tutorials/cors|html5rocks]]
CORS tutorial:
+ 
+ {{{
+ <!DOCTYPE html>
+ <html lang="en">
+   <head>
+     <title>Testing CORS</title>
+     <meta http-equiv="Content-Type" content="text/html;charset=utf-8">
+     <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js"></script>
+     <meta author="http://www.html5rocks.com/en/tutorials/cors/#toc-adding-cors-support-to-the-server">
+     <meta license="Apache 2.0">
+     <script>
+       
+       // Create the XHR object.
+       function createCORSRequest(method, url) {
+         var xhr = new XMLHttpRequest();
+         if ("withCredentials" in xhr) {
+           // XHR for Chrome/Firefox/Opera/Safari.
+           xhr.open(method, url, true);
+         } else if (typeof XDomainRequest != "undefined") {
+           // XDomainRequest for IE.
+           xhr = new XDomainRequest();
+           xhr.open(method, url);
+         } else {
+           // CORS not supported.
+           xhr = null;
+         }
+         return xhr;
+       }
+ 
+       // Make the actual CORS request.
+       function makeCorsRequest(uri) {
+         console.log("got uri: " + uri);
+         var xhr = createCORSRequest('GET', uri);
+         if (!xhr) {
+           alert('CORS not supported');
+           return;
+         }
+ 
+         // Response handlers.
+         xhr.onload = function() {
+           console.log('Response from CORS request to ' + uri + ': ' + xhr.responseText);
+         };
+ 
+         xhr.onerror = function() {
+           console.log('Woops, there was an error making the request to ' + uri + '.');
+         };
+ 
+         xhr.send();
+       }
+       
+       $(document).ready(function() {
+         makeCorsRequest('http://my.couchdb.org:5984/');
+         });
+   </script>
+   </head>
+   <body>
+   </body>
+ </html>
+ }}}
+ 
+ = Reference Material =
+ 
+ This image is from the excellent [[http://www.html5rocks.com/en/tutorials/cors/|html5rocks]]
CORS tutorial.
+ 
+ {{http://www.html5rocks.com/static/images/cors_flow.png}}
+ 
+ == CORS References ==
+ 
+  * [[http://www.w3.org/TR/cors/]] CORS standard
+  * [[http://tools.ietf.org/html/rfc6454]] Definition of Origin
+  * [[http://hacks.mozilla.org/2009/07/cross-site-xmlhttprequest-with-cors/]]
+  * [[https://developer.mozilla.org/En/HTTP_access_control]]
+  * [[https://developer.mozilla.org/En/Server-Side_Access_Control]]
+  * [[https://developer.mozilla.org/en-US/docs/Same_origin_policy_for_JavaScript]]
+ 
+ == Client-side CORS support and usage ==
+ 
+  * [[http://caniuse.com/cors]] covers browser support
+  * [[http://www.html5rocks.com/en/tutorials/cors/]] has a nice example
+  * [[http://www.kendoui.com/blogs/teamblog/posts/11-10-03/using_cors_with_all_modern_browsers.aspx]]
+ 
+ Note that at least IE >= 8 does not support pre-flight.
+ 

Mime
View raw message