xcode 是否可以在 Mobile Safari 中允许跨站点脚本 (XSS)?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/9720756/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Is it possible to allow Cross Site Scripting (XSS) in Mobile safari?
提问by Nathan
I am building a hybrid app (HTML,CSS, JS + Native iOS code), and Would like to make calls to a web service, but this is being blocked currently by the XSS Security.
我正在构建一个混合应用程序(HTML、CSS、JS + 本机 iOS 代码),并且想要调用 Web 服务,但目前这被 XSS 安全阻止。
What do I need to do to turn off this security feature (or more likely provide a whitelist that is allowed to connect?)
我需要做什么来关闭这个安全功能(或者更有可能提供一个允许连接的白名单?)
Thanks for the help!
谢谢您的帮助!
回答by Yusuf X
Yes.
是的。
You can use Cross Origin Resource Sharing, iff you're allowed to configure the server to support it, and it works on enough browsersfor your needs.
您可以使用Cross Origin Resource Sharing,前提是您可以配置服务器以支持它,并且它可以在足够多的浏览器上满足您的需求。
回答by Aaron Digulla
No.
不。
XSS cannot be disabled in any browser - otherwise hackers could easily steal all your money from your bank account. So this isn't a path that you can, should or want to take.
不能在任何浏览器中禁用 XSS - 否则黑客可以轻松地从您的银行帐户中窃取您的所有资金。因此,这不是您可以、应该或想要走的道路。
Ask another question where you describe more clearly what you need to achieve and we can probably help.
问另一个问题,您可以更清楚地描述您需要实现的目标,我们可能会提供帮助。
