Content-type: text/html Downes.ca ~ Stephen's Web ~ Fetch: Cross-Origin Requests

Stephen Downes

Knowledge, Learning, Community

In web pages Javascript-based requests to servers for data are limited by origin requirements; basically, the data must come from the same place the page did. So how do application programming interfaces (API) work? These gather data from multiple sources and display it on a single page. In the past, unsafe script hacks were used (this was how we built our referrer system in 2002). Modern Javascript functions use fetch() (released in 2017) and Cross-origin resource sharing (CORS). This article explains how it all works. Your browser sends a preflight request which includes an 'origin' statement, and if the server allows it, it sends a preflight response giving permission. Then the actual request is made. All this is invisible to the user, but just one of a million things web designers have to keep in mind. (Source for this article on GitHub).

Today: 3 Total: 25 [Direct link] [Share]


Stephen Downes Stephen Downes, Casselman, Canada
stephen@downes.ca

Copyright 2024
Last Updated: Dec 25, 2024 08:31 a.m.

Canadian Flag Creative Commons License.

Force:yes