Cross-domain
After the front and back ends are separated, there will be problems during joint debugging, that is, the Ajax cross-domain problem. There are many solutions to cross-domain problems. For
example, the regular backend uses CROS, sets the address that allows access to the interface, or uses JSONP, etc.
You can also use the Chrome browser to open a new user to solve cross-domain issues.
step
-
Open terminal
-
input the command
open -n /Applications/Google\ Chrome.app/ --args --disable-web-security --user-data-dir=/Users/yourname/MyChromeDevUserData/
--disable-web-security
Turn off the same-origin policy
What needs to be changed according to different computers is the --user-data-dir
following path.
Mine is as follows:
open -n /Applications/Google\ Chrome.app/ --args --disable-web-security --user-data-dir=/Users/biaofeng/MyChromeDevUserData/
注意:
The MyChromeDevUserData directory must exist, if not, go to the path to create a new one.
- When you see this sentence appear in the browser, the configuration is complete
About samesite
SameSite-cookies is a mechanism for defining how cookies are sent across domains. This is a security mechanism developed by Google and is now implemented in the latest version (Chrome Dev 51.0.2704.4). The purpose of SameSite-cookies is to try to prevent CSRF (Cross-site request forgery) and XSSI (Cross Site Script Inclusion (XSSI)) attacks.
Google Chrome address bar input: chrome://flags/
found: SameSite