curl 测试cros请求
博客专区 > O0lele0O 的博客 > 博客详情
curl 测试cros请求
O0lele0O 发表于1年前
curl 测试cros请求
  • 发表于 1年前
  • 阅读 19
  • 收藏 0
  • 点赞 0
  • 评论 0

新睿云服务器60天免费使用,快来体验!>>>   

摘要: 转载 curl测试不准确可以强搂出来 需要页面实测

Sending a regular CORS request using cUrl:

curl -H "Origin: http://example.com" --verbose
https://www.googleapis.com/discovery/v1/apis?fields= The -H "Origin: http://example.com" flag is the third party domain making the request. Substitute in whatever your domain is.

The --verbose flag prints out the entire response so you can see the request and response headers.

The url I'm using above is a sample request to a Google API that supports CORS, but you can substitute in whatever url you are testing.

The response should include the Access-Control-Allow-Origin header.

Sending a preflight request using cUrl:

curl -H "Origin: http://example.com"
-H "Access-Control-Request-Method: POST"
-H "Access-Control-Request-Headers: X-Requested-With"
-X OPTIONS --verbose
https://www.googleapis.com/discovery/v1/apis?fields= This looks similar to the regular CORS request with a few additions:

The -H flags send additional preflight request headers to the server

The -X OPTIONS flag indicates that this is an HTTP OPTIONS request.

If the preflight request is successful, the response should include the Access-Control-Allow-Origin, Access-Control-Allow-Methods, and Access-Control-Allow-Headers response headers. If the preflight request was not successful, these headers shouldn't appear, or the HTTP response won't be 200.

You can also specify additional headers, such as User-Agent, by using the -H flag.

shareimprove this answer edited Aug 29 '12 at 14:01 answered Aug 29 '12 at 13:42

monsur 19.6k66884 1 that page does not seem to return any CORS headers, is that correct? – Janus Troelsen Feb 24 '13 at 20:01

In order to view the actual headers, you need to add the --verbose option, as mentioned above. – monsur Feb 25 '13 at 14:24

Hmm, that may be a bug. Can you try the same request to the following url: server.cors-api.appspot.com/… – monsur Feb 25 '13 at 15:41

--verbose wasn't displaying headers for me either. I replaced it with "--trace-ascii -" – Bryan Larsen Sep 30 '13 at 15:00 2 or --head: curl -H "Origin: http://example.com" --head https://www.googleapis.com/discovery/v1/apis?fields= – John Bachir Apr 6 '14 at 5:30 1 Use --include to see the headers. – Mika Tuupola Feb 18 at 16:18

In the case of S3, the according headers are only added if the proper method is given, you can do so by using curl -H "Access-Control-Request-Method: GET" -H "Origin: http://example.com" -I https://s3.amazonaws.com/your-bucket/file. – Joscha Mar 2 at 2:13

标签: curl cros
  • 打赏
  • 点赞
  • 收藏
  • 分享
共有 人打赏支持
粉丝 2
博文 10
码字总数 25
×
O0lele0O
如果觉得我的文章对您有用,请随意打赏。您的支持将鼓励我继续创作!
* 金额(元)
¥1 ¥5 ¥10 ¥20 其他金额
打赏人
留言
* 支付类型
微信扫码支付
打赏金额:
已支付成功
打赏金额: