javascript 什么是跨域问题
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/23927850/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
What is the cross domain issue
提问by Joe.wang
If I asked a stupid question here, Please don't laugh at me .
如果我在这里问了一个愚蠢的问题,请不要嘲笑我。
I have being heard Cross Domain Issuemany times, But not really get involved in it in real case. So I searched it in the google. But found many posts are talking about The cross domain issue when make a ajax call. Not found even a post to tell about what exactly cross domain issue is, and why the cross domain is not allowed? and more question is if I say the cross domain issue, does it mean I made a wrong ajax request to different domain? Any other cases would cause this issue? Thanks.
我已经听过Cross Domain Issue很多次了,但在实际案例中并没有真正参与其中。所以我在谷歌搜索了它。但是发现很多帖子都在讲The cross domain issue when make a ajax call。甚至没有找到一个帖子来说明究竟是什么跨域问题,以及为什么不允许跨域?还有更多的问题是,如果我说跨域问题,是否意味着我向不同的域发出了错误的 ajax 请求?任何其他情况会导致这个问题?谢谢。
The posts I read are
我读过的帖子是
How do I send a cross-domain POST request via JavaScript?
"No 'Access-Control-Allow-Origin' header is present on the requested resource"
回答by Fenton
This is a security restriction that prevents requests being made from one origin to another.
这是一种安全限制,可防止从一个源向另一个源发出请求。
For example, it will prevent an https://page hitting an http://address because the protocol is different.
例如,它会阻止https://页面http://因为协议不同而访问地址。
It will stop example.comcalling another.combecause it is a different domain.
它将停止example.com调用,another.com因为它是一个不同的域。
It will stop www.example.comcalling subdomain.example.combecause it is a different sub domain.
它将停止www.example.com调用,subdomain.example.com因为它是不同的子域。
And it will stop example.com:80calling example.com:8080because it is a different port.
它会停止example.com:80调用,example.com:8080因为它是一个不同的端口。
It is possible to make cross-origin requests either using JSONP (if you trust the server!) or using a CORS request (Cross-Origin Resource Sharing), which both client and server must agree to (I can supply more details if you need it on this).
可以使用 JSONP(如果您信任服务器!)或使用 CORS 请求(跨源资源共享)发出跨域请求,客户端和服务器都必须同意(如果您需要,我可以提供更多详细信息它在此)。
回答by MichealRay
1.what exactly cross domain issue is & not allowed : it is because same-site origin policy which blocks Web pages from accessing data from another domain. for information assurance, javascript is limited to send request from one to another.
1.究竟什么跨域问题是&不允许的:这是因为同站点源策略阻止网页访问来自另一个域的数据。为了信息保证,javascript 仅限于从一个发送请求到另一个。
2.A cross domain request is not a wrong one. you may deal with it by some methods,like jsonp.
2.跨域请求没有错。你可以通过一些方法来处理它,比如jsonp。
this link is about jsonp: Jsonp
这个链接是关于jsonp的: Jsonp
