NO JAVASCRIPT

2,765 views
2,638 views

Published on

Java-ja.js #2での発表資料

Published in: Technology
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,765
On SlideShare
0
From Embeds
0
Number of Embeds
303
Actions
Shares
0
Downloads
5
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

NO JAVASCRIPT

  1. 1. NO JAVASCRIPT .js
  2. 2. =2 18 +Sho Kusano / rosylilly
  3. 3. Javascript
  4. 4. 2010.10.29 ( )(9) (9) iPad
  5. 5. ……
  6. 6. XHRAccess-Control-Allow-Origin
  7. 7. JS
  8. 8. XHR Lv2Cookie withCredentials = true (JS ) Access-Control-Allow-Origin * ( *.nicovideo.jp
  9. 9. ApacheAccess-Control-Allow-Origin: www.nicovideo.jp(9) nine.nicovideo.jp
  10. 10. www.nicovideo.jp, nine.nicovideo.jp
  11. 11. XMLHttpRequest Level 2 http://www.w3.org/TR/XMLHttpRequest2/Cross-Origin Resources Sharing http://dev.w3.org/2006/waf/access-control/The Web Origin Concept http://tools.ietf.org/html/draft-abarth-origin-09
  12. 12. OriginAllow-Origin The Web Origin Cencept BNF
  13. 13. Origin Cenceptorigin = "Origin:" OWS origin-list-or-null OWSorigin-list-or-null = "null" / origin-listorigin-list = serialized-origin *( SP serialized-origin )serialized-origin = scheme "://" host [ ":" port ] ; <scheme>, <host>, <port> productionsfrom RFC3986 :Access-Control-Allow-Origin: http://www.nicovideo.jp http://nine.nicovideo.jp
  14. 14. Apache .jsApache
  15. 15. www. www. nine. nine.iPad Safari
  16. 16. Origin
  17. 17. 3
  18. 18. Apache : 1mod_header : 2mod_setenvif : 1
  19. 19. mod_headerHeader set X-Auth true
  20. 20. Header set Access-Control-Allow-Origin “${ENV}e” ENV
  21. 21. mod_setenvif
  22. 22. SetEnvIf Origin “(.*.nicovideo.jp)$” ORIGIN=$1
  23. 23. OriginHeader set Access-Control-Allow-Origin “${ORIGIN}e”env=ORIGIN
  24. 24. 3
  25. 25. 4
  26. 26. .js 4 .jsApache
  27. 27. <Wikipedia

×