Skip to content

Commit

Permalink
update CORS Preflight requests link
Browse files Browse the repository at this point in the history
  • Loading branch information
Arhell committed Dec 12, 2021
1 parent 17f0ad7 commit 5622c8d
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion docs/guide-ja/rest-controllers.md
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ public function behaviors()
コントローラに [CORS (クロス・オリジン・リソース共有)](structure-filters.md#cors) フィルタを追加するのは、上記の他のフィルタを追加するのより、若干複雑になります。
と言うのは、CORS フィルタは認証メソッドより前に適用されなければならないため、他のフィルタとは少し異なるアプローチが必要だからです。
また、ブラウザが認証クレデンシャルを送信する必要なく、リクエストが出来るかどうかを前もって安全に判断できるように、
[CORS プリフライト・リクエスト](https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS#Preflighted_requests)
[CORS プリフライト・リクエスト](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#preflighted_requests)
の認証を無効にする必要もあります。
下記のコードは、[[yii\rest\ActiveController]] を拡張した既存のコントローラに
[[yii\filters\Cors]] フィルタを追加するのに必要なコードを示しています。
Expand Down
2 changes: 1 addition & 1 deletion docs/guide-zh-CN/rest-controllers.md
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ public function behaviors()
[Cross-Origin Resource Sharing](structure-filters.md#cors) 过滤器添加到控制器比添加到上述其他过滤器中要复杂一些,
因为必须在认证方法之前应用 CORS 过滤器,
因此与其他过滤器相比,需要一些稍微不同的方式来实现。
并且还要为 [CORS Preflight requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS#Preflighted_requests) 禁用身份验证,
并且还要为 [CORS Preflight requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#preflighted_requests) 禁用身份验证,
这样浏览器就可以安全地确定是否可以事先做出请求,
而无需发送身份验证凭据。
下面显示了将 [[yii\filters\Cors]] 过滤器添加到从 [[yii\rest\ActiveController]] 扩展的控制器所需的代码:
Expand Down
2 changes: 1 addition & 1 deletion docs/guide/rest-controllers.md
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ public function behaviors()
Adding the [Cross-Origin Resource Sharing](structure-filters.md#cors) filter to a controller is a bit more complicated
than adding other filters described above, because the CORS filter has to be applied before authentication methods
and thus needs a slightly different approach compared to other filters. Also authentication has to be disabled for the
[CORS Preflight requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS#Preflighted_requests)
[CORS Preflight requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#preflighted_requests)
so that a browser can safely determine whether a request can be made beforehand without the need for sending
authentication credentials. The following shows the code that is needed to add the [[yii\filters\Cors]] filter
to an existing controller that extends from [[yii\rest\ActiveController]]:
Expand Down

0 comments on commit 5622c8d

Please sign in to comment.