-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathindex.html
More file actions
909 lines (492 loc) · 56.2 KB
/
index.html
File metadata and controls
909 lines (492 loc) · 56.2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
<!doctype html>
<html class="theme-next pisces use-motion">
<head>
<meta charset="UTF-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1"/>
<meta http-equiv="Cache-Control" content="no-transform" />
<meta http-equiv="Cache-Control" content="no-siteapp" />
<link href="/vendors/fancybox/source/jquery.fancybox.css?v=2.1.5" rel="stylesheet" type="text/css"/>
<link href="//fonts.googleapis.com/css?family=Lato:300,400,700,400italic&subset=latin,latin-ext" rel="stylesheet" type="text/css">
<link href="/vendors/font-awesome/css/font-awesome.min.css?v=4.4.0" rel="stylesheet" type="text/css" />
<link href="/css/main.css?v=0.5.0" rel="stylesheet" type="text/css" />
<meta name="keywords" content="Hexo, NexT" />
<link rel="shortcut icon" type="image/x-icon" href="/favicon.ico?v=0.5.0" />
<meta property="og:type" content="website">
<meta property="og:title" content="工大学子技术博客">
<meta property="og:url" content="http://yoursite.com/index.html">
<meta property="og:site_name" content="工大学子技术博客">
<meta name="twitter:card" content="summary">
<meta name="twitter:title" content="工大学子技术博客">
<script type="text/javascript" id="hexo.configuration">
var NexT = window.NexT || {};
var CONFIG = {
scheme: 'Pisces',
sidebar: {"position":"left","display":"post"},
fancybox: true,
motion: true,
duoshuo: {
userId: 0,
author: '博主'
}
};
</script>
<title> 工大学子技术博客 </title>
</head>
<body itemscope itemtype="http://schema.org/WebPage" lang="zh-Hans">
<div class="container one-collumn sidebar-position-left
page-home
">
<div class="headband"></div>
<header id="header" class="header" itemscope itemtype="http://schema.org/WPHeader">
<div class="header-inner"><div class="site-meta ">
<div class="custom-logo-site-title">
<a href="/" class="brand" rel="start">
<span class="logo-line-before"><i></i></span>
<span class="site-title">工大学子技术博客</span>
<span class="logo-line-after"><i></i></span>
</a>
</div>
<p class="site-subtitle"></p>
</div>
<div class="site-nav-toggle">
<button>
<span class="btn-bar"></span>
<span class="btn-bar"></span>
<span class="btn-bar"></span>
</button>
</div>
<nav class="site-nav">
<ul id="menu" class="menu">
<li class="menu-item menu-item-home">
<a href="/" rel="section">
<i class="menu-item-icon fa fa-home fa-fw"></i> <br />
首页
</a>
</li>
<li class="menu-item menu-item-categories">
<a href="/categories" rel="section">
<i class="menu-item-icon fa fa-th fa-fw"></i> <br />
分类
</a>
</li>
<li class="menu-item menu-item-archives">
<a href="/archives" rel="section">
<i class="menu-item-icon fa fa-archive fa-fw"></i> <br />
归档
</a>
</li>
<li class="menu-item menu-item-tags">
<a href="/tags" rel="section">
<i class="menu-item-icon fa fa-tags fa-fw"></i> <br />
标签
</a>
</li>
<li class="menu-item menu-item-about">
<a href="/about" rel="section">
<i class="menu-item-icon fa fa-user fa-fw"></i> <br />
关于
</a>
</li>
</ul>
</nav>
</div>
</header>
<main id="main" class="main">
<div class="main-inner">
<div class="content-wrap">
<div id="content" class="content">
<section id="posts" class="posts-expand">
<article class="post post-type-normal " itemscope itemtype="http://schema.org/Article">
<header class="post-header">
<h1 class="post-title" itemprop="name headline">
<a class="post-title-link" href="/2016/10/03/using-cors/" itemprop="url">
Using CORS (使用跨域资源共享)
</a>
</h1>
<div class="post-meta">
<span class="post-time">
<span class="post-meta-item-icon">
<i class="fa fa-calendar-o"></i>
</span>
<span class="post-meta-item-text">发表于</span>
<time itemprop="dateCreated" datetime="2016-10-03T08:06:52+08:00" content="2016-10-03">
2016-10-03
</time>
</span>
<span class="post-category" >
|
<span class="post-meta-item-icon">
<i class="fa fa-folder-o"></i>
</span>
<span class="post-meta-item-text">分类于</span>
<span itemprop="about" itemscope itemtype="https://schema.org/Thing">
<a href="/categories/trans/" itemprop="url" rel="index">
<span itemprop="name">trans</span>
</a>
</span>
</span>
</div>
</header>
<div class="post-body" itemprop="articleBody">
<hr>
<figure class="highlight js"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line">原文链接: http:<span class="comment">//www.html5rocks.com/en/tutorials/cors/</span></div><div class="line">作者:Monsur Hossain</div></pre></td></tr></table></figure>
<h2 id="简介"><a href="#简介" class="headerlink" title="简介"></a>简介</h2><p>API 是让你能组装一个 web 富应用的脚手架工具,但这些操作浏览器有时候也难以理解,当你跨域去执行一个请求的时候,这些操作技术就仅限于 <code>JSON-P</code>(但出于安全方面的考虑,有时候使用也受限)或者建立一个传统的代理(但建设和维护成本高)。</p>
<p><strong>跨域资源共享 Cross-Origin Resource Sharing</strong> [<code>CORS</code>] 是 W3C 制定的一个标准,允许通过浏览器进行跨域通信。 CORS 建立在 XMLHttpRequest 对象之上,允许开发者用操作同域请求的方式处理跨域请求。</p>
<p>跨域请求的实例随手可见,想象一下,网站 bob.com 想请求 alice.com 网站上的一些数据,在 <code>同源策略</code>下,传统的的方式是不允许进行跨域请求的。但如果, alice.com 支持 CORS 请求, alice.com 可以在请求头中添加一些特殊的响应来允许 bob.com 有能力拿到数据。</p>
<p>从这个例子中也能看出, 实现 CORS 需要服务器和客户端同时协调支持。幸运的是,如果你是个客户端的开发者,大多数的技术 实现细节你都可以屏蔽掉。本文的剩余部分将介绍客户端如何发起一个 CORS 请求,以及如何配置服务器端以支持和响应 CORS </p>
<h2 id="发起一个-CORS-请求"><a href="#发起一个-CORS-请求" class="headerlink" title="发起一个 CORS 请求"></a>发起一个 CORS 请求</h2><p>这部分将介绍如何通过 JavaScript 发起一个 CORS 请求。</p>
<h3 id="创建一个-XMLHtttpRequest-对象"><a href="#创建一个-XMLHtttpRequest-对象" class="headerlink" title="创建一个 XMLHtttpRequest 对象"></a>创建一个 XMLHtttpRequest 对象</h3><p>支持 CORS 的浏览器</p>
<blockquote>
<ul>
<li>Chrome 3+</li>
<li>Firefox 3.5+</li>
<li>Opera 12+</li>
<li>Safari 4+</li>
<li>IE 8+</li>
</ul>
</blockquote>
<p>查看完整的浏览器支持情况 <a href="http://caniuse.com/#search=cors" target="_blank" rel="external">http://caniuse.com/#search=cors</a></p>
<p>Chrome, Firefox, Opera 和 Safari 全部使用 XMLHttpRequst2 对象,IE 使用类似的 XDomainRequest 对象,大多数时候和 XMLHttpRequest 对象以同样的方式起作用,但是增加了额外的安全限制。</p>
<p>开始之前,我们需要创建一个正确的请求对象 Nicholas Zakas 写了一个简单的函数,帮助我们识别不同的浏览器</p>
<figure class="highlight js"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div><div class="line">21</div><div class="line">22</div></pre></td><td class="code"><pre><div class="line"><span class="function"><span class="keyword">function</span> <span class="title">createCORSRequest</span>(<span class="params">method, url</span>) </span>{</div><div class="line"> <span class="keyword">var</span> xhr = <span class="keyword">new</span> XMLHttpRequrest();</div><div class="line"> <span class="keyword">if</span>(<span class="string">"withCredentials"</span> <span class="keyword">in</span> xhr) {</div><div class="line"> <span class="comment">//检查 XMLHttpRequest 对象是否包含 "withCredentials" 属性</span></div><div class="line"> <span class="comment">// "withCredentials" 仅仅在 XMLHttpRequest2 对象中存在。</span></div><div class="line"> xhr.open(method, url, <span class="literal">true</span>);</div><div class="line"> } <span class="keyword">else</span> <span class="keyword">if</span> (<span class="keyword">typeof</span> XDomainRequest != <span class="string">"undefined"</span>) {</div><div class="line"> <span class="comment">//否则检查是否存在XDomainRequest</span></div><div class="line"> <span class="comment">//XDomainRequest 仅仅存在于 IE 中,IE 用 XDomainRequest 对象发起CORS 请求。</span></div><div class="line"> xhr = <span class="keyword">new</span> XDomainRequest();</div><div class="line"> xhr.open(method, url);</div><div class="line"> } <span class="keyword">else</span> {</div><div class="line"> <span class="comment">//否则,浏览器不支持 CORS</span></div><div class="line"> xhr = <span class="literal">null</span>;</div><div class="line"> }</div><div class="line"> <span class="keyword">return</span> xhr;</div><div class="line">}</div><div class="line"></div><div class="line"><span class="keyword">var</span> xhr = createCORSRequest(<span class="string">'GET'</span>, url);</div><div class="line"><span class="keyword">if</span>(!xhr) {</div><div class="line"> <span class="keyword">throw</span> <span class="keyword">new</span> <span class="built_in">Error</span>(<span class="string">'CORS not supported'</span>);</div><div class="line">}</div></pre></td></tr></table></figure>
<h3 id="事件处理函数"><a href="#事件处理函数" class="headerlink" title="事件处理函数"></a>事件处理函数</h3><p>原始的 XMLHttpRequest 对象仅有一个事件处理函数 <strong>onreadystatechange</strong>, 处理所有的响应,尽管 onreadystatechange 仍然有效,XMLHttpRequest2引进了一系列新的事件处理函数,以下是一个完整列表:</p>
<table>
<thead>
<tr>
<th style="text-align:center">事件处理函数</th>
<th style="text-align:center">描述</th>
</tr>
</thead>
<tbody>
<tr>
<td style="text-align:center">onloadstart</td>
<td style="text-align:center">请求开始的时候</td>
</tr>
<tr>
<td style="text-align:center">onprogress</td>
<td style="text-align:center">正在载入和发送数据的时候</td>
</tr>
<tr>
<td style="text-align:center">onabort</td>
<td style="text-align:center">当请求废弃的时候, 比如,抛出 abort() 方法</td>
</tr>
<tr>
<td style="text-align:center">onerror</td>
<td style="text-align:center">当请求失败的时候</td>
</tr>
<tr>
<td style="text-align:center">onload</td>
<td style="text-align:center">当请求成功完成的时候</td>
</tr>
<tr>
<td style="text-align:center">ontimeout</td>
<td style="text-align:center">在设定的溢出时间之前没有完成请求的时候</td>
</tr>
<tr>
<td style="text-align:center">onloadend</td>
<td style="text-align:center">当请求完成的时候,不管是成功还是失败</td>
</tr>
</tbody>
</table>
<p>注:IE 的XDomainRequest 对象不支持 <strong>onloadstart</strong> 和 <strong>onloadend</strong> 方法。<br><a href="http://www.w3.org/TR/XMLHttpRequest2/#events" target="_blank" rel="external">点击访问详情</a></p>
<p>大多数情况下,你是很少会去处理 <strong>onload</strong> 和 <strong>onerror</strong> 事件。</p>
<figure class="highlight js"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div></pre></td><td class="code"><pre><div class="line">xhr.onload = <span class="function"><span class="keyword">function</span>(<span class="params"></span>) </span>{</div><div class="line"> <span class="keyword">var</span> responseText = xhr.responseText;</div><div class="line"> <span class="built_in">console</span>.log(responseText);</div><div class="line">};</div><div class="line"></div><div class="line">xhr.onerror = <span class="function"><span class="keyword">function</span>(<span class="params"></span>) </span>{</div><div class="line"> <span class="built_in">console</span>.log(<span class="string">'There was an error!'</span>)</div><div class="line">};</div></pre></td></tr></table></figure>
<p>当报错之后,浏览器不能具体的告诉你那里出了问题。比如 firefox 对所有的错误和空状态都返回一个 0 。浏览器也会在控制台的日志里面报告一个错误信息,但这个信息通过 js 是拿不到的。所以当我们处理 onerror 时, 你知道发生了错误,其他一无所知。</p>
<h3 id="withCredentials"><a href="#withCredentials" class="headerlink" title="withCredentials"></a>withCredentials</h3><p>标准的 CROS 默认情况下不会发送和设置任何的 cookies 。如果想在请求中包含 cookies,需要将 XMLHttpRequest 对象的 withCredentials 属性设置为 true 。<br><figure class="highlight js"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">xhr.withCredentials = <span class="literal">true</span>;</div></pre></td></tr></table></figure></p>
<p>同时,服务端需要将响应头中的 Access-Control-Allow-Credentials 设置为 true.<br><figure class="highlight js"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">Access-Control-Allow-Credentials: <span class="literal">true</span></div></pre></td></tr></table></figure></p>
<p><code>withCredentials</code> 属性将把远端域中的 cookies 包含在每次请求中,同时也设置来自远端的任何一个 cookies 。注意这些 cookies 仍然遵守同源的规则,所以你的代码不能从 document.cookies 或者响应头中拿到他们。他们仅受远端域的控制。</p>
<h3 id="发起请求"><a href="#发起请求" class="headerlink" title="发起请求"></a>发起请求</h3><p>现在你的 CORS 请求配置已完成。已经 准备好发起请求了。通过调用 send() 方法实现。<br><figure class="highlight js"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">xhr.send();</div></pre></td></tr></table></figure></p>
<p>到这里,假设服务器已经正确的配置好,并且可以正确的响应 CORS 请求,就像你所熟悉的同源 XHR 请求一样。</p>
<h3 id="完整演示"><a href="#完整演示" class="headerlink" title="完整演示"></a>完整演示</h3><p>这是一个完整的 CORS 请求样例,在浏览器的控制台的网络请求中查看真实请求的实现过程。<br><figure class="highlight js"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div><div class="line">21</div><div class="line">22</div><div class="line">23</div><div class="line">24</div><div class="line">25</div><div class="line">26</div><div class="line">27</div><div class="line">28</div><div class="line">29</div><div class="line">30</div><div class="line">31</div><div class="line">32</div><div class="line">33</div><div class="line">34</div><div class="line">35</div><div class="line">36</div><div class="line">37</div><div class="line">38</div></pre></td><td class="code"><pre><div class="line"><span class="comment">// 创建 XHR 对象</span></div><div class="line"><span class="function"><span class="keyword">function</span> <span class="title">createCORSRequest</span>(<span class="params">method, url</span>) </span>{</div><div class="line"> <span class="keyword">var</span> xhr = <span class="keyword">new</span> XMLHttpRequest();</div><div class="line"> <span class="keyword">if</span> (<span class="string">"withCredentials"</span> <span class="keyword">in</span> xhr) {</div><div class="line"> xhr.open(method, url, <span class="literal">true</span>);</div><div class="line"> } <span class="keyword">else</span> <span class="keyword">if</span> (<span class="keyword">typeof</span> XDomainRequest != <span class="string">"undefined"</span>) {</div><div class="line"> xhr = <span class="keyword">new</span> XDomainRequest();</div><div class="line"> xhr.open(method, url);</div><div class="line"> } <span class="keyword">else</span> {</div><div class="line"> xhr = <span class="literal">null</span>;</div><div class="line"> }</div><div class="line"> <span class="keyword">return</span> xhr;</div><div class="line">}</div><div class="line"><span class="function"><span class="keyword">function</span> <span class="title">getTitle</span>(<span class="params">text</span>) </span>{</div><div class="line"> <span class="keyword">return</span> text.match(<span class="string">'<title>(.*)?</title>'</span>)[<span class="number">1</span>];</div><div class="line">}</div><div class="line"></div><div class="line"><span class="comment">//发起请求</span></div><div class="line"><span class="function"><span class="keyword">function</span> <span class="title">makeCorsRequest</span>(<span class="params"></span>) </span>{</div><div class="line"> <span class="keyword">var</span> url = <span class="string">'http://html5rocks-cors.s3-website-us-east-1.amazonaws.com/index.html'</span>;</div><div class="line"></div><div class="line"> <span class="keyword">var</span> xhr = createCORSRequest(<span class="string">'GET'</span>, url);</div><div class="line"> <span class="keyword">if</span> (!xhr) {</div><div class="line"> alert(<span class="string">'CORS not supported'</span>);</div><div class="line"> <span class="keyword">return</span>;</div><div class="line"> }</div><div class="line"> </div><div class="line"><span class="comment">//处理响应</span></div><div class="line">xhr.onload = <span class="function"><span class="keyword">function</span>(<span class="params"></span>) </span>{</div><div class="line"> <span class="keyword">var</span> text = xhr.responseText;</div><div class="line"> <span class="keyword">var</span> title = getTitle(text);</div><div class="line"> alert(<span class="string">'Response from CORS request to '</span> + url + <span class="string">': '</span> + title);</div><div class="line"> };</div><div class="line"> xhr.onerror = <span class="function"><span class="keyword">function</span>(<span class="params"></span>) </span>{</div><div class="line"> alert(<span class="string">'Woops, there was an error making the request.'</span>);</div><div class="line"> };</div><div class="line"> xhr.send();</div><div class="line">}</div></pre></td></tr></table></figure></p>
<h2 id="服务器端添加-CORS-支持"><a href="#服务器端添加-CORS-支持" class="headerlink" title="服务器端添加 CORS 支持"></a>服务器端添加 CORS 支持</h2><p>对 CORS 来说,多数比较重的操作在于要在客户端和服务器之间同时操作。当在一个客户端的 CORS 中,浏览器会添加一些常规的请求头,有时候添加一些常规的请求。 这些常规(默认)的请求对客户端来说是隐藏的(但是可以通过一些包分析工具查看他们,比如 <a href="https://www.wireshark.org/" target="_blank" rel="external">Wireshark</a>)</p>
<p><strong>CORS flow</strong></p>
<p><img src="http://7xrzdf.com1.z0.glb.clouddn.com/cors_flow.png" alt="cors-flow"></p>
<p>浏览器厂商负责浏览器端的接口。这部分释解一个服务器如何配置它的头信息以支持 CORS。</p>
<h3 id="CORS-的请求类型"><a href="#CORS-的请求类型" class="headerlink" title="CORS 的请求类型"></a>CORS 的请求类型</h3><p>跨源请求有两种类型:</p>
<ol>
<li>简单请求</li>
<li>非简单请求</li>
</ol>
<p>满足以下标准的请求是简单请求:<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div></pre></td><td class="code"><pre><div class="line">HTTP 方法是以下之一:</div><div class="line"> 1. HEAD</div><div class="line"> 2. GET</div><div class="line"> 3. POST</div><div class="line">HTTP 首部是以下之一:</div><div class="line"> 1. Accept</div><div class="line"> 2. Accept-Language</div><div class="line"> 3. Content-Language</div><div class="line"> 4. Last-Event-ID</div><div class="line"> 5. Content-Type, 但值只能是以下三者之一:</div><div class="line"> > application/x-www-form-urlencoded</div><div class="line"> > multipart/form-data</div><div class="line"> > text/plain</div></pre></td></tr></table></figure></p>
<p>以这样的特征定义简单请求,是因为浏览器在没有 CORS 的情况下,已经自带了这些请求的功能。例如使用 JSONP 可以解决跨域的 GET 请求,HTML可以用来发起表单 POST。 </p>
<p>任何不满足以上标准的,是 非简单请求 。在浏览器和服务器之间需要一些额外的通信(称为先验请求),后面我们将介绍。</p>
<h3 id="处理一个简单请求"><a href="#处理一个简单请求" class="headerlink" title="处理一个简单请求"></a>处理一个简单请求</h3><p>让我们从检测一个来自客户端的简单请求开始。JavaScript 代码发起一个简单的 GET 请求,相应的浏览器发起的真实 HTTP 请求; 其中 CORS 特有的首部以粗体标出。</p>
<p>JavaScript:<br><figure class="highlight js"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div></pre></td><td class="code"><pre><div class="line"><span class="keyword">var</span> url = <span class="string">'http://api.alice.com/cors'</span>;</div><div class="line"><span class="keyword">var</span> xhr = createCORSRequest(<span class="string">'GET'</span>, url);</div><div class="line">xhr.send();</div></pre></td></tr></table></figure></p>
<p>HTTP Request:</p>
<blockquote>
<p>GET /cors HTTP/1.1<br><strong>Origin: <a href="http://api.bob.com" target="_blank" rel="external">http://api.bob.com</a></strong><br>Host: api.alice.com<br>Accept-Language: en-US<br>Connection: keep-alive<br>User-Agent: Mozilla/5.0…</p>
</blockquote>
<p>首先要注意,一个有效的 CORS 请求<strong>经常</strong>包含一个原始首部(<strong>Origin header</strong>),这个原始首部是由浏览器添加的,用户是控制不了的。这个首部的值包括:协议,域名和端口(如果不是默认端口不能省略)。说明请求是从哪里发起的。</p>
<p>当出现不包含原始首部的情况时,说明是一个同源请求,所有的跨域请求都会包含一个原始首部。一些同源请求也会包含原始首部,例如 FireFox 同源请求中不包含原始首部,Chrome, Safair 在同源请求中(限于 POST/PUT/DELETE 方法)中包含原始首部。以下是一个包含原始首部的同源请求。</p>
<p>HTTP Request:<br><figure class="highlight plain"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div></pre></td><td class="code"><pre><div class="line">POST / cors HTTP/1.1</div><div class="line">Origin: http://api.bob.com</div><div class="line">Host: api.bob.com</div></pre></td></tr></table></figure></p>
<p>好消息是,浏览器不希望 CORS 响应首部出现在同源请求中。同源请求的响应是发送给用户的。不管他是不是 CORS 首部,然而,你的服务端代码返回一个源端不再匹配列表中的错误,确保包含发起请求的域(在匹配列表中)。</p>
<p>以下是一个有效的服务端响应,CORS 特有的首部以粗体标出。</p>
<p>HTTP Request</p>
<blockquote>
<p><strong>Access-Control-Allow-Origin: <a href="http://api.bob.com" target="_blank" rel="external">http://api.bob.com</a></strong><br><strong>Access-Control-Allow-credentials: true</strong><br><strong>Access-Control-Expose-Headers: FooBar</strong><br>Content-Type: text/html; charset=utf-8</p>
</blockquote>
<p>所有和 CORS 相关的首部都有 “Access-Control-“ 前缀,以下列出每个首部的详情</p>
<p><strong>Access-Control-Allow-Origin</strong>( required ) 这个首部必须包含在所有有效的 CORS 响应中。省略这个头部,会导致 CORS 请求失败。首部的值可以是原始请求的返回值(向上面就是 <a href="http://api.bob.com" target="_blank" rel="external">http://api.bob.com</a> ),也可以为 × ,允许来自所有域的请求。如果你对请求域不做限制,任何一个源都可以请求。如果想要控制控制可请求的源,首部中填入真实的值。</p>
<p><strong>Access-Control-Allow-Credentials</strong> (可选), 默认情况下,cookies 是不包含在首部中的,使用这个首部设置 cookies 是否要包含在 CORS, 请求中。如果需要设置值为 true ,如果不需要设置为 false 。</p>
<p>Access-Control-Allow-Credentials 首部和 XMLHttpRequest2 对象上的 withCredentials 属性一起使用,两者都要设置为 true, 才能保证正确的 CORS 请求。</p>
<p><strong>Access-Control-Expose-Headers</strong> (可选),XHR2 对象有一个 getResponseHeader() 方法,又来返回特殊首部的值。 在一个 CORS 请求中, getResponseHeader() 方法仅仅能拿到简单响应的的首部,简单响应首部定义为以下几种:</p>
<blockquote>
<ul>
<li>Cache-Control</li>
<li>Content-Language</li>
<li>Content-Type</li>
<li>Expires</li>
<li>Last-Modified</li>
<li>Pragma</li>
</ul>
</blockquote>
<p>如果想要拿到其他的首部,就用 <strong>Access-Control-Expose-Headers</strong> 首部,他的值是用逗号隔开的一组你想暴露给客户端的响应头。</p>
<h3 id="处理一个非简单请求"><a href="#处理一个非简单请求" class="headerlink" title="处理一个非简单请求"></a>处理一个非简单请求</h3><p>如果你关注的不仅仅是简单的 GET 请求,还想做更多的事情。可能你想支持更多的 HTTP 方法,像 PUT 或者 DELETE, 或者想支持 JSON 类型,使用头部: Content-Type: application/json. 此时你就需要处理非简单请求啦。</p>
<p>对客户端来说,简单请求和非简单请求很相似。事实上,非简单由两个请求组成。浏览器会先发送一个预验请求( <strong>preflight request</strong> )。预验请求询问服务器是否允许客户端发起真实的请求。一旦被确认允许,浏览器就发起真实请求。浏览器透明的处理这两个请求。预验响应( <strong>preflight response</strong> )同样可以缓存在客户端,这样就不用为每一个请求发起响应了。</p>
<p>下面是一个 非简单请求 的实例<br><figure class="highlight js"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div></pre></td><td class="code"><pre><div class="line"><span class="keyword">var</span> url = <span class="string">'http://api.alice.com/cors'</span>,</div><div class="line"> xhr = creteCORSRequest(<span class="string">'PUT'</span>, url);</div><div class="line">xhr.setRequestHeader(<span class="string">'X-Custom-Header'</span>, <span class="string">'value'</span>);</div><div class="line">xhr.send();</div></pre></td></tr></table></figure></p>
<p>Preflight Request:</p>
<blockquote>
<p>OPTIONS /cors HTTP/1.1<br><strong>Origin: <a href="http://api.bob.com" target="_blank" rel="external">http://api.bob.com</a></strong><br><strong>Access-Control-Request-Method: PUT</strong><br><strong>Access-Control-Request-Headers: X-Custom-Header</strong><br>Host: api.alice.com<br>Accept-Language: en-US<br>Connection: keep-alive<br>User-Agent: Mozilla/5.0…</p>
</blockquote>
<p>和简单请求一样,浏览器为每个请求都加上原始首部,包括预验请求。预验请求发起的是一次 HTTP OPTIONS 请求,所以确保你的服务器能响应处理这个方法。同时也包含其他一些首部。</p>
<p><strong>Access-Control-Request-Method</strong> value 为真实请求的的 HTTP 方法,预验请求中经常包括这个首部,即便是我们之前定义的简单 HTTP 方法(GET,POST, HEAD)中也包括。</p>
<p><strong>Access-Control-Request-Headers</strong>: 包含在请求中由分号隔开的一列非简单首部。</p>
<p>如果,HTTP方法和首部是有效的,服务器应该像下面这样进行响应。</p>
<p>Preflight Request:</p>
<blockquote>
<p>OPTIONS /cors HTTP/1.1<br><strong>Origin: <a href="http://api.bob.com" target="_blank" rel="external">http://api.bob.com</a></strong><br><strong>Access-Control-Request-Method: PUT</strong><br><strong>Access-Control-Request-Headers: X-Custom-Header</strong><br>Host: api.alice.com<br>Accept-Language: en-US<br>Connection: keep-alive<br>User-Agent: Mozilla/5.0…</p>
</blockquote>
<p>Preflight Response:</p>
<blockquote>
<p><strong>Access-Control-Allow-Origin: <a href="http://api.bob.com" target="_blank" rel="external">http://api.bob.com</a></strong><br><strong>Access-Control-Allow-Methods: GET, POST, PUT</strong><br><strong>Access-Control-Allow-Headers: X-Custom-Header</strong><br>Content-Type: text/html; charset=utf-8</p>
</blockquote>
<p>Access-Control-Allow-Origin (必须)<br>Access-Control-Allow-Methods (必须)<br>Access-Control-Allow-Headers (如果预验请求中也包含这个首部,则必须)<br>Access-Control-Allow-Credentials (可选)<br>Access-Control-Max-Age (可选)</p>
<p>预验请求结束并得到确认后,浏览器发起真实请求。真实请求和简单请求很相似。</p>
<p>如果服务器想拒绝 CORS 请求,只需要返回一个没有 CORS 首部的通用响应。只要预验响应中没有 CORS特有的首部,浏览器判定(预验)请求是无效的,不会发起真实请求。</p>
<p>Preflight Request:</p>
<blockquote>
<p>OPTIONS /cors HTTP/1.1<br>Origin: <a href="http://api.bob.com" target="_blank" rel="external">http://api.bob.com</a><br>Access-Control-Request-Method: PUT<br>Access-Control-Request-Headers: X-Custom-Header<br>Host: api.alice.com<br>Accept-Language: en-US<br>Connection: keep-alive<br>User-Agent: Mozilla/5.0…</p>
</blockquote>
<p>Preflight Response:</p>
<blockquote>
<p>// ERROR - No CORS headers, this is an invalid request!<br>Content-Type: text/html; charset=utf-8</p>
</blockquote>
<p>如果 CORS 请求中有错,浏览器会触发 onerror 事件处理函数,在控制台打印出:</p>
<blockquote>
<p>XMLHttpRequest cannot load <a href="http://api.alice.com" target="_blank" rel="external">http://api.alice.com</a>. Origin <a href="http://api.bob.com" target="_blank" rel="external">http://api.bob.com</a> is not allowed by Access-Control-Allow-Origin.</p>
</blockquote>
<p>浏览器不会告诉你更多的细节,只告诉你出错了,但不会告诉你那里出错了。</p>
<h3 id="简单了解安全性"><a href="#简单了解安全性" class="headerlink" title="简单了解安全性"></a>简单了解安全性</h3><p>CORS 能实现跨域请求,但 CORS 首部并不就是安全操作的替代品,不应该依赖 CORS 首部去保障你站点的安全。使用 CORS 首部为浏览器提供跨域请求的能力。同时使用其他一些安全机制对你的网站内容进行安全限制,像 cookies 或者 OAouth2.</p>
<h2 id="JQuey-实现-CORS"><a href="#JQuey-实现-CORS" class="headerlink" title="JQuey 实现 CORS"></a>JQuey 实现 CORS</h2><p>jquery中的 $.ajax() 方法可以同时发起 XHR 和 CORS 请求。但</p>
<blockquote>
<p>jquery CORS 接口不支持 IE 的 XDomainRequest 对象<br>$.support.cors 返回 true 如果浏览器支持 CORS</p>
</blockquote>
<p>下面是有 JQuery 发起一个 CORS 请求<br><figure class="highlight js"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div><div class="line">10</div><div class="line">11</div><div class="line">12</div><div class="line">13</div><div class="line">14</div><div class="line">15</div><div class="line">16</div><div class="line">17</div><div class="line">18</div><div class="line">19</div><div class="line">20</div><div class="line">21</div><div class="line">22</div><div class="line">23</div><div class="line">24</div><div class="line">25</div><div class="line">26</div><div class="line">27</div><div class="line">28</div><div class="line">29</div><div class="line">30</div><div class="line">31</div><div class="line">32</div><div class="line">33</div><div class="line">34</div><div class="line">35</div><div class="line">36</div><div class="line">37</div><div class="line">38</div><div class="line">39</div><div class="line">40</div><div class="line">41</div><div class="line">42</div><div class="line">43</div></pre></td><td class="code"><pre><div class="line">$.ajax({</div><div class="line"></div><div class="line"> <span class="comment">// The 'type' property sets the HTTP method.</span></div><div class="line"> <span class="comment">// A value of 'PUT' or 'DELETE' will trigger a preflight request.</span></div><div class="line"> type: <span class="string">'GET'</span>,</div><div class="line"></div><div class="line"> <span class="comment">// The URL to make the request to.</span></div><div class="line"> url: <span class="string">'http://html5rocks-cors.s3-website-us-east-1.amazonaws.com/index.html'</span>,</div><div class="line"></div><div class="line"> <span class="comment">// The 'contentType' property sets the 'Content-Type' header.</span></div><div class="line"> <span class="comment">// The JQuery default for this property is</span></div><div class="line"> <span class="comment">// 'application/x-www-form-urlencoded; charset=UTF-8', which does not trigger</span></div><div class="line"> <span class="comment">// a preflight. If you set this value to anything other than</span></div><div class="line"> <span class="comment">// application/x-www-form-urlencoded, multipart/form-data, or text/plain,</span></div><div class="line"> <span class="comment">// you will trigger a preflight request.</span></div><div class="line"> contentType: <span class="string">'text/plain'</span>,</div><div class="line"></div><div class="line"> <span class="attr">xhrFields</span>: {</div><div class="line"> <span class="comment">// The 'xhrFields' property sets additional fields on the XMLHttpRequest.</span></div><div class="line"> <span class="comment">// This can be used to set the 'withCredentials' property.</span></div><div class="line"> <span class="comment">// Set the value to 'true' if you'd like to pass cookies to the server.</span></div><div class="line"> <span class="comment">// If this is enabled, your server must respond with the header</span></div><div class="line"> <span class="comment">// 'Access-Control-Allow-Credentials: true'.</span></div><div class="line"> withCredentials: <span class="literal">false</span></div><div class="line"> },</div><div class="line"></div><div class="line"> <span class="attr">headers</span>: {</div><div class="line"> <span class="comment">// Set any custom headers here.</span></div><div class="line"> <span class="comment">// If you set any non-simple headers, your server must include these</span></div><div class="line"> <span class="comment">// headers in the 'Access-Control-Allow-Headers' response header.</span></div><div class="line"> },</div><div class="line"></div><div class="line"> <span class="attr">success</span>: <span class="function"><span class="keyword">function</span>(<span class="params"></span>) </span>{</div><div class="line"> <span class="comment">// Here's where you handle a successful response.</span></div><div class="line"> },</div><div class="line"></div><div class="line"> <span class="attr">error</span>: <span class="function"><span class="keyword">function</span>(<span class="params"></span>) </span>{</div><div class="line"> <span class="comment">// Here's where you handle an error response.</span></div><div class="line"> <span class="comment">// Note that if the error was due to a CORS issue,</span></div><div class="line"> <span class="comment">// this function will still fire, but there won't be any additional</span></div><div class="line"> <span class="comment">// information about the error.</span></div><div class="line"> }</div><div class="line">});</div></pre></td></tr></table></figure></p>
<p>(完)</p>
</div>
<div>
</div>
<footer class="post-footer">
<div class="post-eof"></div>
</footer>
</article>
<article class="post post-type-normal " itemscope itemtype="http://schema.org/Article">
<header class="post-header">
<h1 class="post-title" itemprop="name headline">
<a class="post-title-link" href="/2016/10/03/react-notes-about-form/" itemprop="url">
React系列学习笔记之表单详解
</a>
</h1>
<div class="post-meta">
<span class="post-time">
<span class="post-meta-item-icon">
<i class="fa fa-calendar-o"></i>
</span>
<span class="post-meta-item-text">发表于</span>
<time itemprop="dateCreated" datetime="2016-10-03T08:04:28+08:00" content="2016-10-03">
2016-10-03
</time>
</span>
<span class="post-category" >
|
<span class="post-meta-item-icon">
<i class="fa fa-folder-o"></i>
</span>
<span class="post-meta-item-text">分类于</span>
<span itemprop="about" itemscope itemtype="https://schema.org/Thing">
<a href="/categories/fed/" itemprop="url" rel="index">
<span itemprop="name">fed</span>
</a>
</span>
</span>
</div>
</header>
<div class="post-body" itemprop="articleBody">
<hr>
<blockquote>
<p><strong>1. 可控组件和不可控组件</strong><br><strong>2. 不同表单元素的使用</strong><br><strong>3. 如何复用事件处理函数</strong></p>
</blockquote>
<p> <strong>1.1 不可控组件</strong><br><figure class="highlight jsx"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line"><input type=<span class="string">"text"</span> defaultValue=<span class="string">"Hello World!"</span>></div></pre></td></tr></table></figure></p>
<p>前面这个简单的input组件<strong>[react中有两大类组件,一类是自定义的组件,另一类是原生的HTML标签]</strong>就是一个不可控组件。</p>
<p>因为组件中的数据和state中的数据不再对应,而是写死在了组件中。组件中的数据对整个组件来说是不可控的。</p>
<p>不可控组件组件下,如果我们要获取到<code>defaultValue</code>的值,就必须得去操作真实的DOM.<br><figure class="highlight jsx"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line"><input type=<span class="string">"text"</span> ref=<span class="string">"hello"</span> defaultValue=<span class="string">"Hello World!"</span>></div></pre></td></tr></table></figure></p>
<figure class="highlight jsx"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line"><span class="keyword">var</span> inputValue = React.findDOMNode(<span class="keyword">this</span>.refs.hello).value;</div></pre></td></tr></table></figure>
<p>给组件添加<code>ref</code>属性,然后通过<code>React.findDOMNode()</code>找到对应的节点。</p>
<p> <strong>1.2 可控组件</strong><br><figure class="highlight jsx"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div></pre></td><td class="code"><pre><div class="line">getInitialState: <span class="function"><span class="keyword">function</span>(<span class="params"></span>) </span>{</div><div class="line"> <span class="keyword">return</span> {</div><div class="line"> <span class="attr">hello</span>: <span class="string">"Hello World!"</span></div><div class="line"> };</div><div class="line">}</div></pre></td></tr></table></figure></p>
<figure class="highlight jsx"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line"><input type=<span class="string">"text"</span> ref=<span class="string">"hello"</span> value={<span class="keyword">this</span>.state.hello}></div></pre></td></tr></table></figure>
<p>上面这个就是可控组件,数据存储在state中,便于使用,读取的是JS对象而不是DOM节点。符合reac单向数据流的特点,数据从state–>render。<br>使用可控组件可以方便的对数据进行处理,比如在handleChange里面可以对数据进行方便的操作。</p>
<p> <strong>2. 不同表单元素的使用</strong><br><figure class="highlight jsx"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line"><label htmlFor=<span class="string">"name"</span> className=<span class="string">"name"</span>>name<label></div></pre></td></tr></table></figure></p>
<figure class="highlight jsx"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div></pre></td><td class="code"><pre><div class="line"><input type=<span class="string">"checkbox"</span> <span class="comment">/* "radio" "text"*/</span></div><div class="line"> value=<span class="string">"A"</span></div><div class="line"> checked={<span class="keyword">this</span>.state.checked}</div><div class="line"> onchange={<span class="keyword">this</span>.handleChange} /></div></pre></td></tr></table></figure>
<figure class="highlight jsx"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div></pre></td><td class="code"><pre><div class="line"><textarea value=<span class="string">"A"</span> rows=<span class="string">"10"</span> cols=<span class="string">"30"</span></div><div class="line"> onChange={<span class="keyword">this</span>.handleChange} /></div></pre></td></tr></table></figure>
<figure class="highlight"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div></pre></td><td class="code"><pre><div class="line"><select value={this.state.hello}</div><div class="line"> onChange={this.handleChange}></div><div class="line"> <option value="one">一</option></div><div class="line"> <option value="two">二</option></div><div class="line"></select></div></pre></td></tr></table></figure>
<p>说明一下上面select的value是每次被选中option的value</p>
<p><strong>3. 如何复用事件处理函数</strong><br>事件函数的可以有<code>bind</code>和<code>name</code>复用两种<br><figure class="highlight jsx"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div></pre></td><td class="code"><pre><div class="line">handleChange(name, event){</div><div class="line"> <span class="comment">//...</span></div><div class="line">}</div><div class="line"></div><div class="line">...</div><div class="line"></div><div class="line"><input type=<span class="string">"text"</span> onChange={<span class="keyword">this</span>.handleChange.bind(<span class="keyword">this</span>, <span class="string">`input1`</span>)}></div><div class="line"><input type="text" onChange={this.handleChange.bind(this, `input2`)}></div></pre></td></tr></table></figure></p>
<p><code>bind</code>每次将第二参数传给handleChange的name,这样每次调用handleChange,就可以分辨出是哪个input发生了变化。<br><figure class="highlight jsx"><table><tr><td class="gutter"><pre><div class="line">1</div><div class="line">2</div><div class="line">3</div><div class="line">4</div><div class="line">5</div><div class="line">6</div><div class="line">7</div><div class="line">8</div><div class="line">9</div></pre></td><td class="code"><pre><div class="line">handleChange(name,event){</div><div class="line"> <span class="keyword">var</span> name = event.target.name;</div><div class="line"> ...</div><div class="line">}</div><div class="line"></div><div class="line">...</div><div class="line"></div><div class="line"><input type=<span class="string">"text"</span> name=<span class="string">"input1"</span> onChange={<span class="keyword">this</span>.handleChange}></div><div class="line"><input type="text" name="input2" onChange={this.handleChange}></div></pre></td></tr></table></figure></p>
<p>给input添加name属性,每次在handleChange中获取目标事件的name,确定要处理的input.达到复用事件处理函数。</p>
<p>两种方法都可以复用事件处理函数。不过通过name实现的复用性能比bind实现的低。前者每次都会在事件处理函数中获取一次name的值,后者直接在参数中直接传入。推荐使用bind.</p>
</div>
<div>
</div>
<footer class="post-footer">
<div class="post-eof"></div>
</footer>
</article>
<article class="post post-type-normal " itemscope itemtype="http://schema.org/Article">
<header class="post-header">
<h1 class="post-title" itemprop="name headline">
<a class="post-title-link" href="/2016/09/30/hello-world/" itemprop="url">
Hello World
</a>
</h1>
<div class="post-meta">
<span class="post-time">
<span class="post-meta-item-icon">
<i class="fa fa-calendar-o"></i>
</span>
<span class="post-meta-item-text">发表于</span>
<time itemprop="dateCreated" datetime="2016-09-30T13:48:50+08:00" content="2016-09-30">
2016-09-30
</time>
</span>
</div>
</header>
<div class="post-body" itemprop="articleBody">
<p>Welcome to <a href="https://hexo.io/" target="_blank" rel="external">Hexo</a>! This is your very first post. Check <a href="https://hexo.io/docs/" target="_blank" rel="external">documentation</a> for more info. If you get any problems when using Hexo, you can find the answer in <a href="https://hexo.io/docs/troubleshooting.html" target="_blank" rel="external">troubleshooting</a> or you can ask me on <a href="https://github.com/hexojs/hexo/issues" target="_blank" rel="external">GitHub</a>.</p>
<h2 id="Quick-Start"><a href="#Quick-Start" class="headerlink" title="Quick Start"></a>Quick Start</h2><h3 id="Create-a-new-post"><a href="#Create-a-new-post" class="headerlink" title="Create a new post"></a>Create a new post</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">$ hexo new <span class="string">"My New Post"</span></div></pre></td></tr></table></figure>
<p>More info: <a href="https://hexo.io/docs/writing.html" target="_blank" rel="external">Writing</a></p>
<h3 id="Run-server"><a href="#Run-server" class="headerlink" title="Run server"></a>Run server</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">$ hexo server</div></pre></td></tr></table></figure>
<p>More info: <a href="https://hexo.io/docs/server.html" target="_blank" rel="external">Server</a></p>
<h3 id="Generate-static-files"><a href="#Generate-static-files" class="headerlink" title="Generate static files"></a>Generate static files</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">$ hexo generate</div></pre></td></tr></table></figure>
<p>More info: <a href="https://hexo.io/docs/generating.html" target="_blank" rel="external">Generating</a></p>
<h3 id="Deploy-to-remote-sites"><a href="#Deploy-to-remote-sites" class="headerlink" title="Deploy to remote sites"></a>Deploy to remote sites</h3><figure class="highlight bash"><table><tr><td class="gutter"><pre><div class="line">1</div></pre></td><td class="code"><pre><div class="line">$ hexo deploy</div></pre></td></tr></table></figure>
<p>More info: <a href="https://hexo.io/docs/deployment.html" target="_blank" rel="external">Deployment</a></p>
</div>
<div>
</div>
<footer class="post-footer">
<div class="post-eof"></div>
</footer>
</article>
</section>
</div>
</div>
<div class="sidebar-toggle">
<div class="sidebar-toggle-line-wrap">
<span class="sidebar-toggle-line sidebar-toggle-line-first"></span>
<span class="sidebar-toggle-line sidebar-toggle-line-middle"></span>
<span class="sidebar-toggle-line sidebar-toggle-line-last"></span>
</div>
</div>
<aside id="sidebar" class="sidebar">
<div class="sidebar-inner">
<section class="site-overview sidebar-panel sidebar-panel-active ">
<div class="site-author motion-element" itemprop="author" itemscope itemtype="http://schema.org/Person">
<img class="site-author-image" itemprop="image"
src="http://7xrzdf.com1.z0.glb.clouddn.com/avatar.jpg"
alt="工大学子" />
<p class="site-author-name" itemprop="name">工大学子</p>
<p class="site-description motion-element" itemprop="description"></p>
</div>
<nav class="site-state motion-element">
<div class="site-state-item site-state-posts">
<a href="/archives">
<span class="site-state-item-count">3</span>
<span class="site-state-item-name">日志</span>
</a>
</div>
<div class="site-state-item site-state-categories">
<a href="/categories">
<span class="site-state-item-count">2</span>
<span class="site-state-item-name">分类</span>
</a>
</div>
<div class="site-state-item site-state-tags">
<a href="/tags">
<span class="site-state-item-count">2</span>
<span class="site-state-item-name">标签</span>
</a>
</div>
</nav>
<div class="links-of-author motion-element">
<span class="links-of-author-item">
<a href="https://github.com/hfutDev" target="_blank">
<i class="fa fa-github"></i> github
</a>
</span>
<span class="links-of-author-item">
<a href="http://weibo.com/u/2307523172" target="_blank">
<i class="fa fa-weibo"></i> weibo
</a>
</span>
</div>
<div class="links-of-blogroll motion-element">
</div>
</section>
</div>
</aside>
</div>
</main>
<footer id="footer" class="footer">
<div class="footer-inner">
<div class="copyright" >
©
<span itemprop="copyrightYear">2016</span>
<span class="with-love">
<i class="fa fa-heart"></i>
</span>
<span class="author" itemprop="copyrightHolder">工大学子</span>
</div>
<div class="powered-by">
由 <a class="theme-link" href="http://hexo.io">Hexo</a> 强力驱动
</div>
<div class="theme-info">
主题 -
<a class="theme-link" href="https://github.com/iissnan/hexo-theme-next">
NexT.Pisces
</a>
</div>
</div>
</footer>
<div class="back-to-top">
<i class="fa fa-arrow-up"></i>
</div>
</div>
<script type="text/javascript">
if (Object.prototype.toString.call(window.Promise) !== '[object Function]') {
window.Promise = null;
}
</script>
<script type="text/javascript" src="/vendors/jquery/index.js?v=2.1.3"></script>
<script type="text/javascript" src="/vendors/fastclick/lib/fastclick.min.js?v=1.0.6"></script>
<script type="text/javascript" src="/vendors/jquery_lazyload/jquery.lazyload.js?v=1.9.7"></script>
<script type="text/javascript" src="/vendors/velocity/velocity.min.js"></script>
<script type="text/javascript" src="/vendors/velocity/velocity.ui.min.js"></script>
<script type="text/javascript" src="/vendors/fancybox/source/jquery.fancybox.pack.js"></script>
<script type="text/javascript" src="/js/src/utils.js?v=0.5.0"></script>
<script type="text/javascript" src="/js/src/motion.js?v=0.5.0"></script>
<script type="text/javascript" src="/js/src/affix.js?v=0.5.0"></script>
<script type="text/javascript" src="/js/src/schemes/pisces.js?v=0.5.0"></script>
<script type="text/javascript" src="/js/src/bootstrap.js?v=0.5.0"></script>
</body>
</html>