From 33058f2b292b3a581333bdfb21b8f671898c5060 Mon Sep 17 00:00:00 2001
From: Peter Bengtsson <mail@peterbe.com>
Date: Tue, 8 Dec 2020 14:40:17 -0500
Subject: initial commit

---
 .../cross-origin-resource-policy/index.html        | 72 ++++++++++++++++++++++
 1 file changed, 72 insertions(+)
 create mode 100644 files/zh-cn/web/http/headers/cross-origin-resource-policy/index.html

(limited to 'files/zh-cn/web/http/headers/cross-origin-resource-policy')
diff --git a/files/zh-cn/web/http/headers/cross-origin-resource-policy/index.html b/files/zh-cn/web/http/headers/cross-origin-resource-policy/index.html
new file mode 100644
index 0000000000..6cc94e842b
--- /dev/null
+++ b/files/zh-cn/web/http/headers/cross-origin-resource-policy/index.html
@@ -0,0 +1,72 @@
+---
+title: Cross-Origin-Resource-Policy
+slug: Web/HTTP/Headers/Cross-Origin-Resource-Policy
+tags:
+  - HTTP
+  - HTTP Header
+  - Reference
+  - Response Header
+  - header
+translation_of: Web/HTTP/Headers/Cross-Origin-Resource-Policy
+---
+<div>{{HTTPSidebar}}</div>
+
+<div class="note">
+<p><strong>注意:</strong> 由于<a href="https://bugs.chromium.org/p/chromium/issues/detail?id=952834">Chrome 浏览器中的一个Bug</a>, 设置 Cross-Origin-Resource-Policy（跨域资源策略）会使文件下载失败：当从设置了CORP请求头的资源服务器下载资源时，浏览器会阻止用户使用“保存”或“另存为”按钮将文件保存到本地。在决定生产环境中是否使用这一特性（CORP）之前需要慎重考虑。</p>
+</div>
+
+<p><strong><code>Cross-Origin-Resource-Policy</code></strong> 响应头会指示浏览器阻止对指定资源的无源跨域/跨站点请求。</p>
+
+<table class="properties">
+ <tbody>
+  <tr>
+   <th scope="row">Header type</th>
+   <td>{{Glossary("Response header")}}</td>
+  </tr>
+  <tr>
+   <th scope="row">{{Glossary("Forbidden header name")}}</th>
+   <td>no</td>
+  </tr>
+ </tbody>
+</table>
+
+<h2 id="语法">语法</h2>
+
+<pre class="syntaxbox">Cross-Origin-Resource-Policy: same-site | same-origin
+</pre>
+
+<h2 id="案例">案例</h2>
+
+<p>下面的响应头会导致兼容该响应头的用户代理禁止跨域访问和跨域资源共享：</p>
+
+<pre>Cross-Origin-Resource-Policy: same-origin
+</pre>
+
+<h2 id="详述">详述</h2>
+
+<table class="standard-table">
+ <tbody>
+  <tr>
+   <th scope="col">Specification</th>
+   <th scope="col">Status</th>
+   <th scope="col">Comment</th>
+  </tr>
+  <tr>
+   <td>{{SpecName("Fetch", '#cross-origin-resource-policy-header')}}</td>
+   <td>{{Spec2("Fetch", '#cross-origin-resource-policy-header')}}</td>
+   <td>Initial definition</td>
+  </tr>
+ </tbody>
+</table>
+
+<h2 id="浏览器兼容性">浏览器兼容性</h2>
+
+<div class="hidden">本页面中的兼容性表格由固定格式的数据生成。如果您有意愿参与数据贡献请点击 <a href="https://github.com/mdn/browser-compat-data">https://github.com/mdn/browser-compat-data</a> 并发起合并请求。</div>
+
+<p>{{Compat("http.headers.corb")}}</p>
+
+<h2 id="相关文章">相关文章</h2>
+
+<ul>
+ <li><a href="/en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy_(CORP)">Cross-Origin Resource Policy (CORP) explainer</a></li>
+</ul>
-- 
cgit v1.2.3-54-g00ecf


Header type	{{Glossary("Response header")}}
{{Glossary("Forbidden header name")}}	no