Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
W
W
WebDev2018-11-28 16:19:51
JavaScript
WebDev, 2018-11-28 16:19:51

Why disable ajax requests from other domains?

Please explain why Ajax requests to other domains are disabled by default? After all, any attacker can proxy a request through the backend or, for example, change hosts and open their site under a foreign domain.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

3 answer(s)
Report
L
Lynn "Coffee Man", 2018-11-28
@Lynn

Do you want me to transfer all your money with a request to sber.ru or post something interesting on your wall with a request to vk.com?
In proxying through the backend, there is no my authorization in the browser and this is the most important thing

Report
D
Dmitry Esin, 2018-11-28
@SunDeath

Try to formulate the answer to this question yourself first.

Report
P
profesor08, 2018-11-29
@profesor08

They are not prohibited. It's just that the server you want to contact doesn't want it. The browser understands this and blocks the request. That's all. If the server allows, then the browser will understand and not block the request.

Similar questions
U
unlik2015-03-20 00:01:49
How to backup a dump to a remote server? 2Reply
C
codeorlov2018-11-06 13:28:50
How do I restore the database from .frm and ibdata? 1Reply
N
NikitaSova2020-09-16 09:01:55
How to solve error CS0120? 3Reply
V
Vladislav2019-09-07 09:44:30
How to make a regular user a Guest in windows 7? 3Reply
V
Vladimir Kapalev2021-03-27 10:25:24
Which program to batch replace text from a list from a file using regular expressions? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question