javascript 什么是跨域请求/跨域攻击/跨域协议
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/14495595/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
What is cross domain request / cross domain attacks / cross domain protocols
提问by shakthydoss
Can some body explain what is cross domain request / cross domain attacks / cross domain protocols with respect the ajax terminology.
一些机构可以解释什么是跨域请求/跨域攻击/跨域协议关于 ajax 术语。
回答by Gjordis
Cross domain request: Requesting content from another host, than where the website is hosted. For example site hosted at google loads a facebook icon from facebook domain.
跨域请求:从其他主机请求内容,而不是网站托管位置。例如,在谷歌托管的站点从 facebook 域加载一个 facebook 图标。
Cross domain attack: I think there are whole books about these, but basically: The domain making the request cannot verify the content retrieved from another host, so it can be modified. Other usual is sending a login form or some other form from another domain instead of the actual login page. Badly designed interface could let you log in or retrieve sensitive data.
跨域攻击:我认为有很多关于这些的书籍,但基本上:发出请求的域无法验证从另一台主机检索到的内容,因此可以对其进行修改。其他通常是从另一个域发送登录表单或其他表单,而不是实际的登录页面。设计不当的界面可能会让您登录或检索敏感数据。
I'm not sure about Ajax protocols.
我不确定 Ajax 协议。
