我继续读,为了使Ajax请求的安全,我需要确保跨站点请求都被禁止。在服务器端,究竟如何做才能禁用跨站点请求,或者检查它们是否禁用/启用?
I keep reading that to make ajax requests safe, I need to make sure that cross-site requests are disabled. On the server side, how exactly do I disable cross-site requests, or check if they are disabled/enabled?
跨站请求被禁用默认情况下.. 供参考:看看同源策略: http://en.wikipedia.org/wiki/Same_origin_policy
Cross site requests are disabled by default.. fyi : take a look at same origin policy : http://en.wikipedia.org/wiki/Same_origin_policy