# CORS（跨來源資源共用） { #cors-cross-origin-resource-sharing }

[CORS 或「Cross-Origin Resource Sharing」](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS)指的是：當在瀏覽器中執行的前端以 JavaScript 與後端通訊，而後端與前端位於不同「來源（origin）」時的情境。

## 來源（Origin） { #origin }

一個來源是由通訊協定（`http`、`https`）、網域（`myapp.com`、`localhost`、`localhost.tiangolo.com`）與連接埠（`80`、`443`、`8080`）三者組合而成。

因此，以下皆是不同的來源：

* `http://localhost`
* `https://localhost`
* `http://localhost:8080`

* callback hell: callback hell (do not translate to "infierno de callbacks")
* tip: Consejo (do not translate to "tip")
* check: Revisa (do not translate to "chequea" or "comprobación)
* Cross-Origin Resource Sharing: Cross-Origin Resource Sharing (do not translate to "Compartición de Recursos de Origen Cruzado")
* Release Notes: Release Notes (do not translate to "Notas de la Versión")

```
git commit -am 'Add some feature'
```

### Push to the branch

Push your locally committed changes to the remote origin (your fork)

```
git push origin my-new-feature
```

### Create a Pull Request

        System.out.println(" p2Branches: " + p2Branches);

        boolean p1IsMaster = p1Branches.contains("origin/master");
        boolean p2IsMaster = p2Branches.contains("origin/master");
        boolean p2IsRelease = p2Branches.stream().anyMatch(b -> b.startsWith("origin/release"));

        if (p1IsMaster && !p2IsMaster && p2IsRelease) {
            List<String> badFiles = filesFromMerge(commit).stream()

# fips140.sum.

default:
	@echo nothing to make

# make v1.2.3.zip builds a v1.2.3.zip file
# from the current origin/master.
# copy and edit the 'go run' command by hand to use a different branch.
v%.zip:
	git fetch origin master
	go run ../../src/cmd/go/internal/fips140/mkzip.go v$*

# normally mkzip refuses to overwrite an existing zip file.

Ancak tarayıcıdaki bir client'ın görebilmesini istediğiniz özel header'larınız varsa, bunları CORS konfigürasyonlarınıza ([CORS (Cross-Origin Resource Sharing)](cors.md)) eklemeniz gerekir. Bunun için, [Starlette'ın CORS dokümanlarında](https://www.starlette.dev/middleware/#corsmiddleware) belgelenen `expose_headers` parametresini kullanın.

///

Но если вы хотите, чтобы клиент в браузере мог видеть ваши пользовательские заголовки, необходимо добавить их в настройки CORS ([CORS (Cross-Origin Resource Sharing)](cors.md)), используя параметр `expose_headers`, описанный в [документации по CORS Starlette](https://www.starlette.dev/middleware/#corsmiddleware).

///

/// note | Технические детали

import okhttp3.internal.authenticator.JavaNetAuthenticator

/**
 * Performs either **preemptive** authentication before connecting to a proxy server, or
 * **reactive** authentication after receiving a challenge from either an origin web server or proxy
 * server.
 *
 * ## Preemptive Authentication
 *
 * To make HTTPS calls using an HTTP proxy server OkHttp must first negotiate a connection with

But if you have custom headers that you want a client in a browser to be able to see, you need to add them to your CORS configurations ([CORS (Cross-Origin Resource Sharing)](cors.md)) using the parameter `expose_headers` documented in [Starlette's CORS docs](https://www.starlette.dev/middleware/#corsmiddleware).

///

/// note | Technical Details

            System.exit(2);
        }

        String targetRef = "refs/remotes/origin/" + targetBranch;

        if (!refExists(targetRef)) {
            System.err.println("Target ref " + targetRef + " not present locally; fetching origin/" + targetBranch + "...");
            run("git", "fetch", "origin", targetBranch);
        }

        String targetSha = stdout("git", "rev-parse", targetRef).trim();