javascript 如何在 Orchard CMS 中处理来自 JS 的跨域 Web 服务调用
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/19166667/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to handle cross-domain web service calls from JS in Orchard CMS
提问by jfielaidof
I am trying to call a web service cross domain from within an HTML widget. This does not seem to work. It worked great under the same domain. I am trying to create a log in page within Orchard that could be used to log in to my software on another domain. The web service is validating the user credentials and returning a boolean which then would generate the users authentication.
我正在尝试从 HTML 小部件中调用 Web 服务跨域。这似乎不起作用。它在同一个域下工作得很好。我正在尝试在 Orchard 中创建一个登录页面,该页面可用于在另一个域中登录我的软件。Web 服务正在验证用户凭据并返回一个布尔值,然后将生成用户身份验证。
I read that I could use an HTTP Handler or another web service (on the Orchard side) to call the web service on the other domain, but I'm not familiar enough with MVC or Orchard to do this. How can I add one of these to my Orchard web application?
我读到我可以使用 HTTP 处理程序或其他 Web 服务(在 Orchard 端)来调用另一个域上的 Web 服务,但我对 MVC 或 Orchard 不够熟悉,无法执行此操作。如何将其中一种添加到我的 Orchard Web 应用程序中?
回答by Piotr Szmyd
Cross-domain calls from within client-side code are a no-no in all major browsers. You can either
来自客户端代码的跨域调用在所有主要浏览器中都是禁忌。你可以
- Use CORS, ie. set
Access-Control-Allow-Originheader tohttp://your-caller-domain.comin the web service response to allow requests originating from your website domain - Use JSONPtechnique
- Create a custom proxy APIwithin your application (using plain ASP.NET MVC controlleror a WebAPIone) that will perform the call on server side using
WebClientclass and return the response to you.
- 使用CORS,即。在 Web 服务响应中将
Access-Control-Allow-Originheader设置http://your-caller-domain.com为允许来自您网站域的请求 - 使用JSONP技术
- 在您的应用程序中创建一个自定义代理 API(使用普通的ASP.NET MVC 控制器或WebAPI控制器),它将使用
WebClient类在服务器端执行调用并将响应返回给您。
Options are ordered from best to worst. CORS is supported by most browsers, except IE8/9 (which have partial support via XDomainRequest) and older. There are workarounds for this though.
选项按从最好到最差的顺序排列。大多数浏览器都支持 CORS,但 IE8/9(通过 部分支持XDomainRequest)和更早版本除外。不过有解决方法。
Note that first two involve changes on the web-service side - if you can't do it, option 3. is the only one left.
请注意,前两个涉及 Web 服务方面的更改 - 如果您不能这样做,则选项 3. 是唯一剩下的。
