Java Reference
In-Depth Information
When the server responds to a CORS request, it must also send a custom header called
Access‐Control‐Allow‐Origin , and it must contain the same origin specified in the request's
Origin header. Continuing from the previous example, the server's response must contain the
following Access‐Control‐Allow‐Origin header for CORS to work:
Access-Control-Allow-Origin: http://www.abc.com
If this header is missing, or if the origins don't match, the browser doesn't process the request.
Alternatively, the server can include the Access‐Control‐Allow‐Origin header with a value of * ,
signifying that all origins are accepted. This is primarily used by publicly available web services.
Note   These custom headers are automatically handled by the browser. You
do not need to set your own Origin header, and you do not have to manually
check the Access‐Control‐Allow‐Origin .
usability Concerns
Ajax breaks the mold of traditional web applications and pages. It enables developers to build
applications that behave in a more conventional, non‐“webbish” way. This, however, is also a
drawback, because the Internet has been around for many, many years, and users are accustomed to
traditional web pages.
Therefore, it is up to developers to ensure that users can use their web pages, and use them as they
expect to, without causing frustration.
the Browser's Back Button
One of the advantages of XMLHttpRequest is its ease of use. You simply create the object, send
the request, and await the server's response. Unfortunately, this object does have a downside:
Most browsers do not log a history of requests made with the object. Therefore, XMLHttpRequest
essentially breaks the browser's Back button. This might be a desired side‐effect for some Ajax‐
enabled applications or components, but it can cause serious usability problems for the user.
Creating a Back/Forward‐Capable Form with an IFrame
It's possible to avoid breaking the browser's navigational buttons by using an older but reliable Ajax
technique: using hidden frames/iframes to facilitate client‐server communication. You must use two
frames for this method to work properly. One must be hidden, and one must be visible.
Note   Note that when you are using an iframe, the document that contains
the iframe is the visible frame.
The hidden‐frame technique consists of a four‐step process:
1.
The user initiates a JavaScript call to the hidden frame by clicking a link in the visible
frame or performing some other type of user interaction. This call is usually nothing more
 
Search WWH ::




Custom Search