Search Options

Display Count
Sort
Preferred Language
Advanced Search

Results 31 - 40 of 166 for CORS (0.02 seconds)

  2. github.com/tiangolo/fastapi

    docs/zh/docs/advanced/middleware.md 

    # 高级中间件 { #advanced-middleware }

用户指南介绍了如何为应用添加[自定义中间件](../tutorial/middleware.md)。

以及如何[使用 `CORSMiddleware` 处理 CORS](../tutorial/cors.md)。

本章学习如何使用其它中间件。

## 添加 ASGI 中间件 { #adding-asgi-middlewares }

因为 **FastAPI** 基于 Starlette,且执行 <abbr title="Asynchronous Server Gateway Interface - 异步服务器网关接口">ASGI</abbr> 规范,所以可以使用任意 ASGI 中间件。

中间件不必是专为 FastAPI 或 Starlette 定制的,只要遵循 ASGI 规范即可。

总之,ASGI 中间件是类,并把 ASGI 应用作为第一个参数。
    Created: Sun Apr 05 07:19:11 GMT 2026
    - Last Modified: Fri Mar 20 17:06:37 GMT 2026
    - 3.7K bytes
    - Click Count (0)
  3. github.com/tiangolo/fastapi

    docs/zh-hant/docs/advanced/strict-content-type.md 

    ## CSRF 風險 { #csrf-risk }

這個預設行為在某個非常特定的情境下,能對一類跨站請求偽造(CSRF, Cross-Site Request Forgery)攻擊提供保護。

這類攻擊利用了瀏覽器在以下情況下允許腳本發送請求而不進行任何 CORS 預檢(preflight)檢查的事實:

- 沒有 `Content-Type` 標頭(例如以 `fetch()` 並使用 `Blob` 作為 body)
- 且沒有送出任何身分驗證憑證

這種攻擊主要與以下情境相關:

- 應用在本機(例如 `localhost`)或內部網路中執行
- 並且應用沒有任何身分驗證,假設同一個網路中的任何請求都可被信任

## 攻擊範例 { #example-attack }
    Created: Sun Apr 05 07:19:11 GMT 2026
    - Last Modified: Fri Mar 20 14:33:04 GMT 2026
    - 3.1K bytes
    - Click Count (0)
  4. github.com/tiangolo/fastapi

    docs/ja/docs/advanced/strict-content-type.md 

    ## CSRF のリスク { #csrf-risk }

この既定の挙動は、ある特定の状況における Cross-Site Request Forgery(CSRF)攻撃の一種に対する保護を提供します。

これらの攻撃は、次の条件を満たすときにブラウザが CORS のプリフライトチェックを行わずにスクリプトからリクエストを送信できる事実を悪用します。

- `Content-Type` ヘッダーがない(例: `Blob` をボディにして `fetch()` を使う)
- かつ、いかなる認証情報も送信しない

この種の攻撃は主に次のような場合に関係します。

- アプリケーションがローカル(例: `localhost`)または社内ネットワークで動作している
    Created: Sun Apr 05 07:19:11 GMT 2026
    - Last Modified: Thu Mar 19 18:55:22 GMT 2026
    - 4.4K bytes
    - Click Count (0)
  5. github.com/square/okhttp

    kotlin-js-store/yarn.lock 

      integrity sha512-XW/Aa8APYr6jSVVA1y/DEIZX0/GMKLEVekNG727R8cs56ahETkRAy/3DR7+fJyh7oUgGwNQaRfXCun0+KbWY7Q==

"@types/cors@^2.8.12":
  version "2.8.13"
  resolved "https://registry.yarnpkg.com/@types/cors/-/cors-2.8.13.tgz#b8ade22ba455a1b8cb3b5d3f35910fd204f84f94"
  integrity sha512-RG8AStHlUiV5ysZQKq97copd2UmVYw3/pRMLefISZ3S1hK104Cwm7iLQ3fTKx+lsUH2CE8FlLaYeEA2LSeqYUA==
  dependencies:
    Created: Fri Apr 03 11:42:14 GMT 2026
    - Last Modified: Sat Jul 22 12:28:51 GMT 2023
    - 87.4K bytes
    - Click Count (0)
  6. github.com/minio/minio

    internal/config/api/help.go 

    			Optional:    true,
			Type:        "duration",
		},
		config.HelpKV{
			Key:         apiCorsAllowOrigin,
			Description: `set comma separated list of origins allowed for CORS requests` + defaultHelpPostfix(apiCorsAllowOrigin),
			Optional:    true,
			Type:        "csv",
		},
		config.HelpKV{
			Key:         apiRemoteTransportDeadline,
    Created: Sun Apr 05 19:28:12 GMT 2026
    - Last Modified: Fri Aug 16 08:43:49 GMT 2024
    - 4.4K bytes
    - Click Count (0)
  7. github.com/minio/minio

    docs/config/README.md 

    cluster_deadline                (duration)  set the deadline for cluster readiness check (default: '10s')
cors_allow_origin               (csv)       set comma separated list of origins allowed for CORS requests (default: '*')
remote_transport_deadline       (duration)  set the deadline for API requests on remote transports while proxying between federated instances e.g. "2h" (default: '2h')
    Created: Sun Apr 05 19:28:12 GMT 2026
    - Last Modified: Tue Aug 12 18:20:36 GMT 2025
    - 18.1K bytes
    - Click Count (1)
  8. github.com/codelibs/fess

    src/test/java/org/codelibs/fess/cors/CorsHandlerTest.java 

     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
 * either express or implied. See the License for the specific language
 * governing permissions and limitations under the License.
 */
package org.codelibs.fess.cors;

import java.lang.reflect.Field;
import java.lang.reflect.Modifier;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
    Created: Tue Mar 31 13:07:34 GMT 2026
    - Last Modified: Sat Mar 21 06:04:58 GMT 2026
    - 26.3K bytes
    - Click Count (0)
  9. github.com/codelibs/fess

    src/main/java/org/codelibs/fess/util/ComponentUtil.java 

         */
    public static CrawlerStatsHelper getCrawlerStatsHelper() {
        return getComponent(CRAWLER_STATS_HELPER);
    }

    /**
     * Gets the CORS handler factory component.
     * @return The CORS handler factory.
     */
    public static CorsHandlerFactory getCorsHandlerFactory() {
        return getComponent(CORS_HANDLER_FACTORY);
    }

    /**
    Created: Tue Mar 31 13:07:34 GMT 2026
    - Last Modified: Sat Mar 28 06:59:19 GMT 2026
    - 30.9K bytes
    - Click Count (0)
  10. github.com/codelibs/fess

    src/main/resources/fess_config.properties 

    # Allowed origins for CORS.
api.cors.allow.origin=*
# Allowed HTTP methods for CORS.
api.cors.allow.methods=GET, POST, OPTIONS, DELETE, PUT
# Max age for CORS preflight requests.
api.cors.max.age=3600
# Allowed headers for CORS.
api.cors.allow.headers=Origin, Content-Type, Accept, Authorization, X-Requested-With
# Whether to allow credentials for CORS.
api.cors.allow.credentials=true
    Created: Tue Mar 31 13:07:34 GMT 2026
    - Last Modified: Sat Mar 28 06:59:19 GMT 2026
    - 59.3K bytes
    - Click Count (0)
  11. github.com/minio/minio

    internal/config/api/api.go 

    	if corsList == "" {
		corsAllowOrigin = []string{"*"} // defaults to '*'
	} else {
		corsAllowOrigin = strings.Split(corsList, ",")
		if slices.Contains(corsAllowOrigin, "") {
			return cfg, errors.New("invalid cors value")
		}
	}
	cfg.CorsAllowOrigin = corsAllowOrigin

	if err = config.CheckValidKeys(config.APISubSys, kvs, DefaultKVS, deprecatedKeys...); err != nil {
		return cfg, err
	}
    Created: Sun Apr 05 19:28:12 GMT 2026
    - Last Modified: Fri Aug 29 02:39:48 GMT 2025
    - 11.5K bytes
    - Click Count (1)
Back to Top