Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commite404ef8

Browse files
committed
boom
1 parentc37ddd1 commite404ef8

File tree

1 file changed

+37
-0
lines changed

1 file changed

+37
-0
lines changed

‎v3/index.html‎

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -47,6 +47,7 @@ <h1 id="api-v3">API v3</h1>
4747
<li><ahref="#authentication">Authentication</a></li>
4848
<li><ahref="#pagination">Pagination</a></li>
4949
<li><ahref="#rate-limiting">Rate Limiting</a></li>
50+
<li><ahref="#cross-origin-resource-sharing">Cross Origin Resource Sharing</a></li>
5051
<li><ahref="#json-p-callbacks">JSON-P Callbacks</a></li>
5152
</ul><h2id="schema">Schema</h2>
5253

@@ -229,6 +230,42 @@ <h2 id="pagination">Pagination</h2>
229230
to request white listed access for your application. We prefer sites that
230231
setup OAuth applications for their users.</p>
231232

233+
<h2id="cross-origin-resource-sharing">Cross Origin Resource Sharing</h2>
234+
235+
<p>The API supports Cross Origin Resource Sharing (CORS) for AJAX requests.
236+
you can read the<ahref="http://www.w3.org/TR/cors">CORS W3C working draft</a>, or
237+
<ahref="http://code.google.com/p/html5security/wiki/CrossOriginRequestSecurity">this intro</a> from the
238+
HTML 5 Security Guide.</p>
239+
240+
<p>Here’s a sample request sent from a browser hitting
241+
<code>http://some-site.com</code>:</p>
242+
243+
<pre><code>$ curl -i https://api.github.com -H "Origin: http://some-site.com"
244+
HTTP/1.1 302 Found
245+
</code></pre>
246+
247+
<p>Any domain that is registered as an OAuth Application is accepted.
248+
Here’s a sample request for a browser hitting<ahref="http://calendaraboutnothing.com/">Calendar About Nothing</a>:</p>
249+
250+
<pre><code>$ curl -i https://api.github.com -H "Origin: http://calendaraboutnothing.com"
251+
HTTP/1.1 302 Found
252+
Access-Control-Allow-Origin: http://calendaraboutnothing.com
253+
Access-Control-Expose-Headers: Link, X-RateLimit-Limit, X-RateLimit-Remaining, X-OAuth-Scopes, X-Accepted-OAuth-Scopes
254+
Access-Control-Allow-Credentials: true
255+
</code></pre>
256+
257+
<p>This is what the CORS preflight request looks like:</p>
258+
259+
<pre><code>$ curl -i https://api.github.com -H "Origin: http://calendaraboutnothing.com" -X OPTIONS
260+
HTTP/1.1 204 No Content
261+
Access-Control-Allow-Origin: http://calendaraboutnothing.com
262+
Access-Control-Allow-Headers: Authorization, X-Requested-With
263+
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE
264+
Access-Control-Expose-Headers: Link, X-RateLimit-Limit, X-RateLimit-Remaining, X-OAuth-Scopes, X-Accepted-OAuth-Scopes
265+
Access-Control-Max-Age: 86400
266+
Access-Control-Allow-Credentials: true
267+
</code></pre>
268+
232269
<h2id="json-p-callbacks">JSON-P Callbacks</h2>
233270

234271
<p>You can send a<code>?callback</code> parameter to any GET call to have the results

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp