CORS

[Matej]

Yo , i just came to "Cross-origin-resource sharing" . I have read articles about in on MDN and html5rocks but im not sure i get it . "Cross-origin-resource sharing basicly means that i want to get some content from other site which aint ony my domain (for example site w3schools.com wants some data from codeadacemy.com) using ajax.

But here comes the usage . I only found this way

function createCORSRequest(method, url) {var xhr = new XMLHttpRequest();if ("withCredentials" in xhr) {// XHR for Chrome/Firefox/Opera/Safari.xhr.open(method, url, true);} else if (typeof XDomainRequest != "undefined") {// XDomainRequest for IE.xhr = new XDomainRequest();xhr.open(method, url);} else {// CORS not supported.xhr = null;}return xhr;}// Make the actual CORS request.function makeCorsRequest() {// All HTML5 Rocks properties support CORS.var url = 'http://updates.html5rocks.com';var xhr = createCORSRequest('GET', url);if (!xhr) {alert('CORS not supported');return;}// Response handlers.xhr.onload = function() {var text = xhr.responseText;var title = getTitle(text);alert('Response from CORS request to ' + url + ': ' + title);};xhr.onerror = function() {alert('Woops, there was an error making the request.');};xhr.send();}

Is it really that simple or am i missing something?

And, what does "handling not-so-simple request " mean?On html5 rocks there is an example

var url = 'http://api.alice.com/cors';var xhr = createCORSRequest('PUT', url);xhr.setRequestHeader('X-Custom-Header', 'value');xhr.send();

What is this "handling" used for? I cant find any real life examples or nice explanationThanks for answers and have a nice day.

Edited February 23, 2015 by Matej

[justsomeguy]

The destination server needs to support requests coming from your server, but yeah I think that's about it. The other example just shows adding a custom header and sending a put request instead of get or post.

[Matej]

Thanks ,

 

What are custom headers used for?

[justsomeguy]

Headers are just another way to send data from the browser to the server. If you want the browser to communicate something in particular to the server, a custom header might be one way to do that.