Why isn't cross origin policy enforced?
Question
I have this code:
$.getJSON("https://restcountries.eu/rest/v2/name/" + $("#nameOfCountry").val(),
{ fullText: "true" }, function (data) {
console.log(data[0]);
$('#answer').html(data[0].capital);
});
I get the response from the other server. So my question is: why doesn't the browser enforce the cross origin policy here?
1 answers
solution1
1 ACCPTED 2017-03-27 11:02:54
The Same Origin Policy is never enforced by the server. It is enforced by the browser.
In this case, the server has used the CORS standard to include an Access-Control-Allow-Origin header that tells the browser that it has permission to share the data with any other site.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Cross Origin Policy error
Twitter bootstrap js getting blocked by Same Origin Policy, but non-bootstrap isn't. Why?
iframe cross origin policy in IE
Why do I get a Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource
Why doesn't this JavaScript call break the “same origin policy”
Browser without cross origin policy to access iframes
Cross Origin Policy & Fiddler JSON Debugging
why postman doesn't get cross-origin block error?
cross-origin xhr and same-origin-policy
“Cross-Origin Request Blocked: The Same Origin Policy” Error in browser
Related Tags