axios: a browser-based promise http client node.js of;
axios: A package promise based on asynchronous operation, the callback method of the chain;
Features:
1. Make XMLHttpRequests from the browser
2. Let's HTTP request from node.js
3. Support Promise API
4. interception request and response
The conversion request and response data
6. cancellation request
The automatic data into a JSON
8. client support to prevent XSRF
A plurality of concurrent requests may be sent;
axios.get(url, {//get方法 params: { name: "name" } }) .then(function(response) { console.log(response); }) .catch(function(error) { console.log(error); }); axios.post(url, params, {//post方法 headers: { } }) .then(function(response) { console.log(response); }) .catch(function(error) { console.log(error); });
You can simultaneously execute multiple concurrent requests
csrf: (Crose-site request forgery: cross-domain request forgery) is also referred to: one click attack / session riding
Cross-domain request forgery: access to information to illegal status.
xss harm - session hijacking;
1 using the request does not use post get request modification information;
1, server-side form hash authentication
Randomly generate a hash in which all form, server when the form processing to verify the hash value is correct,
2 code, all code required to submit the form
It can be understood as in http: // After a while referer recorded address to access the site, as long as access to the site to verify whether the address is an address can be defensive measures; if the tour directly in the url address bar, enter the resource is empty referer, thus not be regarded as a safe manner;
3 custom properties in the http header and authentication;
Similar token way, just customize the way
4 implant some cryptographic information in the form, when the form is to send the authentication request;
5 graphically codes
Relatively speaking Captcha code should be the most secure,
Installation: npm install axios;
Introduction means manner: import axios from 'axios';
promise :( for asynchronous operation, the chain may be callback);
Chain callback: The results of the request by way of once again request the whereabouts of server request;
Compatibility Problem:
Android 4.3 does not support the promise about the way
We need to install cnpm install es-promise --save-dev in a project
Or address plus static resources
require("res-promise").polyfill();
The foregoing summary, recent contact with some knowledge in this area so saved to share with you.
If a statement is wrong, correct me trouble.