CORS in Action: Creating and consuming cross-origin APIs (Paperback)

Monsur Hossain

  • 出版商: Manning
  • 出版日期: 2014-10-31
  • 售價: $1,700
  • 貴賓價: 9.5$1,615
  • 語言: 英文
  • 頁數: 240
  • 裝訂: Paperback
  • ISBN: 161729182X
  • ISBN-13: 9781617291821
  • 相關分類: JavaScript
  • 立即出貨 (庫存=1)

買這商品的人也買了...

相關主題

商品描述

Summary

CORS in Action introduces Cross-Origin Resource Sharing (CORS) from both the server and the client perspective. It starts with the basics: how to make CORS requests and how to implement CORS on the server. It then explores key details such as performance, debugging, and security. API authors will learn how CORS opens their APIs to a wider range of users. JavaScript developers will find valuable techniques for building rich web apps that can take advantage of APIs hosted anywhere. The techniques described in this book are especially applicable to mobile environments, where browsers are guaranteed to support CORS.

Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.

About the Book

Suppose you need to share some JSON data with another application or service. If everything is hosted on one domain, it's a snap. But if the data is on another domain, the browser's "same-origin" policy stops you cold. CORS is a new web standard that enables safe cross-domain access without complex server-side code. Mastering CORS makes it possible for web and mobile applications to share data simply and securely.

CORS in Action introduces CORS from both the server and the client perspective. It starts with making and enabling CORS requests and then explores performance, debugging, and security. You'll learn to build apps that can take advantage of APIs hosted anywhere and how to write APIs that expand your products to a wider range of users.

For web developers comfortable with JavaScript. No experience with CORS is assumed.

What's Inside

  • CORS from the ground up
  • Serving and consuming cross-domain data
  • Best practices for building CORS APIs
  • When to use CORS alternatives like JSON-P and proxies

About the Author

Monsur Hossain is an engineer at Google who has worked on API-related projects such as the Google JavaScript Client, the APIs Discovery Service, and CORS support for Google APIs.

Table of Contents

PART 1 INTRODUCING CORS
PART 2 CORS ON THE SERVER
PART 3 DEBUGGING CORS REQUESTS
APPENDIXES
  1. The Core of CORS
  2. Making CORS requests
  3. Handling CORS requests
  4. Handling preflight requests
  5. Cookies and response headers
  6. Best practices
  7. Debugging CORS requests
  1. CORS reference
  2. Configuring your environment
  3. What is CSRF?
  4. Other cross-origin techniques

商品描述(中文翻譯)


摘要

CORS in Action 從伺服器和客戶端的角度介紹了跨源資源共享(CORS)。它從基礎知識開始:如何進行CORS請求以及如何在伺服器上實現CORS。然後探討了性能、調試和安全等關鍵細節。API作者將學習CORS如何將其API開放給更廣泛的用戶。JavaScript開發人員將找到有價值的技巧,用於構建可以利用任何地方托管的API的豐富Web應用程序。本書中描述的技術尤其適用於移動環境,其中瀏覽器保證支持CORS。

購買印刷版書籍將包括Manning Publications提供的PDF、Kindle和ePub格式的免費電子書。

關於本書

假設您需要與另一個應用程序或服務共享一些JSON數據。如果所有內容都托管在一個域上,這很容易。但是,如果數據位於另一個域上,瀏覽器的“同源策略”將阻止您。CORS是一個新的Web標準,它可以在不需要複雜的服務器端代碼的情況下實現安全的跨域訪問。掌握CORS使Web和移動應用程序能夠簡單且安全地共享數據。

CORS in Action 從伺服器和客戶端的角度介紹了CORS。它從進行和啟用CORS請求開始,然後探討性能、調試和安全性。您將學習構建可以利用任何地方托管的API的應用程序的技巧,以及如何編寫擴展您的產品到更廣泛用戶範圍的API。

適用於熟悉JavaScript的Web開發人員。不需要CORS經驗。

內容簡介


  • 從頭開始的CORS

  • 提供和使用跨域數據

  • 構建CORS API的最佳實踐

  • 何時使用JSON-P和代理等CORS替代方案

關於作者

Monsur Hossain 是Google的工程師,曾參與Google JavaScript Client、APIs Discovery Service和Google APIs的CORS支持等相關項目。

目錄

第1部分 介紹CORS

第2部分 伺服器上的CORS

第3部分 調試CORS請求

附錄


  1. CORS的核心

  2. 進行CORS請求

  3. 處理CORS請求

  4. 處理預檢請求

  5. Cookie和響應標頭

  6. 最佳實踐

  7. 調試CORS請求


  1. CORS參考

  2. 配置您的環境

  3. 什麼是CSRF?

  4. 其他跨域技術