# CORS (Cross-Origin Resource Sharing) { #cors-cross-origin-resource-sharing }

[CORSまたは「Cross-Origin Resource Sharing」](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) は、ブラウザで実行されているフロントエンドにバックエンドと通信するJavaScriptコードがあり、そのバックエンドがフロントエンドとは異なる「オリジン」にある状況を指します。

## オリジン { #origin }

オリジンはプロトコル (`http`、`https`) とドメイン (`myapp.com`、`localhost`、`localhost.tiangolo.com`) とポート (`80`、`443`、`8080`) の組み合わせです。

したがって、以下はすべて異なるオリジンです:

* `http://localhost`

```
curl http://minio1:9001/minio/health/cluster
HTTP/1.1 503 Service Unavailable
Accept-Ranges: bytes
Content-Length: 0
Server: MinIO
Vary: Origin
X-Amz-Bucket-Region: us-east-1
X-Minio-Write-Quorum: 3
X-Amz-Request-Id: 16239D6AB80EBECF
X-Xss-Protection: 1; mode=block
Date: Tue, 21 Jul 2020 00:36:14 GMT
```

### Cluster-readable probe

    /**
     * Processes the CORS request by setting appropriate headers.
     *
     * @param origin the origin of the request
     * @param request the servlet request
     * @param response the servlet response
     */
    public abstract void process(String origin, ServletRequest request, ServletResponse response);

          git reset origin/master --hard

          ./gradlew wrapper --gradle-version=nightly
          ./gradlew wrapper

          if ! git diff --quiet; then
            ./gradlew -v
            VERSION=$(./gradlew -v | grep "Gradle" | cut -d' ' -f2)
            git add .
            git commit -m "Update Gradle wrapper to $VERSION"
            git push --force origin devprod/upgrade-to-latest-wrapper

* auto-completion: preenchimento automático
* bug: bug
* context manager: gerenciador de contexto
* cross domain: cross domain (do not translate to "domínio cruzado")
* cross origin: cross origin (do not translate to "origem cruzada")
* Cross-Origin Resource Sharing: Cross-Origin Resource Sharing (do not translate to "Compartilhamento de Recursos de Origem Cruzada")
* Deep Learning: Deep Learning (do not translate to "Aprendizado Profundo")

        String[] origins = { "https://site1.com", "https://site2.com", "https://site3.com" };

        for (String origin : origins) {
            processCalled = false;
            corsHandler.process(origin, request, response);
            assertTrue("process should be called for " + origin, processCalled);
            assertEquals(origin, processOrigin);
        }
    }

    this.supportsFastOffset = supportsFastOffset;
  }

  /**
   * Returns, conceptually, "origin + distance", or equivalently, the result of calling {@link
   * #next} on {@code origin} {@code distance} times.
   */
  C offset(C origin, long distance) {
    C current = origin;
    checkNonnegative(distance, "distance");
    for (long i = 0; i < distance; i++) {
      current = next(current);

        final String origin = httpRequest.getHeader("Origin");
        if (StringUtil.isNotBlank(origin)) {
            if (logger.isDebugEnabled()) {
                logger.debug("HTTP Request: method={}", httpRequest.getMethod());
            }
            final CorsHandlerFactory factory = ComponentUtil.getCorsHandlerFactory();
            final CorsHandler handler = factory.get(origin);
            if (handler != null) {

     *     service is the origin of the stream. When zero, the origin is specified in the `origin`
     *     parameter.
     * @param origin when present, the [origin](http://tools.ietf.org/html/rfc6454) is typically
     *     represented as a combination of scheme, host and port. When empty, the origin is that of
     *     the `streamId`.

中间件响应两种特定类型的 HTTP 请求...

### CORS 预检请求 { #cors-preflight-requests }

这是些带有 `Origin` 和 `Access-Control-Request-Method` 请求头的 `OPTIONS` 请求。

在这种情况下，中间件将拦截传入的请求并进行响应，出于提供信息的目的返回一个使用了适当的 CORS headers 的 `200` 或 `400` 响应。

### 简单请求 { #simple-requests }

任何带有 `Origin` 请求头的请求。在这种情况下，中间件将像平常一样传递请求，但是在响应中包含适当的 CORS headers。

## 更多信息 { #more-info }