What is the Same Origin Policy?
The same-origin policy is a security policy of the browser. Same origin means that the protocol, domain name, and port number must be exactly the same. Violating the same origin policy is cross-domain .
Access URL under the same origin can be abbreviated
const btn = document.querySelector('button');
btn.onclick = function() {
const xhr = new XMLHttpRequest();
// 因为满足同源策略,所以url路径可以简写
xhr.open('GET','/data');
xhr.send();
xhr.onreadystatechange = function() {
if(xhr.readyState === 4) {
if(xhr.status >= 200 && xhr.status < 300) {
console.log(xhr.response);
}
}
}
}
Precautions
- The webpage opened by the right-click of VScode is port 5500. When testing, we must see if the port set is consistent with our server port. Once inconsistent, cross-domain problems will occur.