第三方 API 返回数据时，为允许跨域访问必须设置哪个响应头？

If your app receives data from a third-party API, which HTTP response header must the server specify to allow exceptions to the same-origin policy?

题目类型: 技术面试题

这是一道技术面试题，常见于澳洲IT公司面试中。

难度: medium

分类: Web Security

标签: CORS, Access-Control-Allow-Origin

参考答案摘要

这是 CORS 的核心响应头，服务器通过 Access-Control-Allow-Origin 指定允许访问的来源（origin）。

本题提供 STAR 原则详细解答和技术解析，登录匠人学院学习中心即可查看完整答案。

← 返回面试题库

第三方 API 返回数据时，为允许跨域访问必须设置哪个响应头？

Mediumhttpsecurity

想查看完整答案?

登录匠人学院学习中心，获取 STAR 格式回答和详细技术解析

前往学习中心查看答案

We Accept

Company

About Us Metaverse Classroom News & Blog JR Careers Become a Mentor Our Mentors Contact Us JR Store J3.Club

Resources

Job Referrals Events 1-on-1 Tutoring Industry Whitepapers Online Learning Interview Center Share Interview Experience Internship Membership

University Resources

墨尔本大学昆士兰大学新南威尔士大学悉尼大学莫那什大学阿德莱德大学 RMIT QUT UTS

Immigration Services

Australia Immigration Skilled Visa 189/190/491 Employer Sponsored 482/186/494 Business Visa 188/888 UK Immigration US Immigration Canada Immigration

Enterprise

P3 Career Incubator Enterprise (EN)Corporate Training Internship Partnership Recruitment Partnership Apply for Partnership

Job Application Agent

Job Application Service Job Monitoring LinkedIn Management LinkedIn Networking Learn about P3

Support

FAQs Terms & Conditions Privacy Policy Cancellation & Refund Policy Site map

Top Categories

Web Full-Stack Bootcamp DevOps Bootcamp Data Engineering Bootcamp Data Analysis Bootcamp Coding for Beginners Business Analyst Internship Algorithm Bootcamp

Career Services

BA & PM Internship Data Science Internship Data Analysis Internship Marketing Internship Resume Review Interview Coaching VIP Mentor Guidance

Addresses

Level 10b, 144 Edward Street, Brisbane CBD(Headquarter)

Level 2, 171 La Trobe St, Melbourne VIC 3000

四川省成都市武侯区桂溪街道天府大道中段500号D5东方希望天祥广场B座45A13号

Business Hub, 155 Waymouth St, Adelaide SA 5000

Contact

hello@jiangren.com.au 0421-672-555

Disclaimer

JR Academy acknowledges Traditional Owners of Country throughout Australia and recognises the continuing connection to lands, waters and communities. We pay our respect to Aboriginal and Torres Strait Islander cultures; and to Elders past and present. Aboriginal and Torres Strait Islander peoples should be aware that this website may contain images or names of people who have since passed away.

All content on the JR Academy website, including course materials, logos, and information provided, is protected under Australian intellectual property laws. Unauthorized use, sale, distribution, reproduction, or modification is strictly prohibited. Violations may result in legal action. By accessing our website, you agree to respect our intellectual property. JR Academy Pty Ltd reserves all rights, including patents, trademarks, and copyrights. Any infringement will be subject to legal prosecution. View Terms of Service

ABN 26621887572