[Ajax] How to understand Ajax cross-origin calls

Source: Internet
Author: User

"For JavaScript, the most important security restriction is the same-origin policy, which is used to determine which servers a page can communicate with.

Origin refers to a single domain, such as www.csdn.net, accessed through a single protocol, usually HTTP. The same-origin policy specifies that only pages from the same origin can access, download, and interact (using script) with resources from that origin. For the hidden frame technique, this requires that all frames be loaded from the same origin so that JavaScript can be used for communication. If you try to load a page from another origin in a frame, you cannot interact with the page or access any of its scripts. The same-origin policy is intended to prevent malicious programmers from obtaining your information outside the valid web page.

The same-origin policy also affects XMLHTTP. XMLHTTP cannot be used to access resources from an origin other than that of the page running the code. This means that, by default, you cannot use a URL starting with http:// in the open() method. You can only use an absolute or relative URL in the same domain. If you need to access a URL in a different origin, you must create a server-side proxy to handle the communication."

Internet Explorer does not provide an explicit same-origin policy, but relies on its own security zones to determine what can be accessed. Web pages in the Internet security zone generally follow rules similar to the same-origin policy, while pages in the Trusted Sites zone are not restricted by this policy.

 

The above is the description in "Advanced Ajax Program Design". So how should we understand this passage?

[Actual project] Assume that application A and application B are deployed on machine 1 and machine 2, and a page in A needs to call a page in B. The project found that JavaScript code in A cannot access the content of B's page. This is because of JavaScript's cross-origin restrictions. However, you can send a request to B through XMLHTTP and receive the response message returned by B. This is not subject to cross-origin restrictions (because B's web server acts as a proxy).
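
The origin check and the server-side proxy described in the quoted passage, as an added example that is not part of the original article or the book. The host names app-a.example and app-b.example, the /proxy path and the allowlist are assumptions made for illustration.

```javascript
// Added example, not from the original page. All host names are constructed.
// Upstream origins the proxy on application A is allowed to contact (assumption).
const ALLOWED_UPSTREAMS = new Set(["http://app-b.example:8080"]);

// An origin is scheme + host + port; URL.origin drops default ports (80, 443).
function sameOrigin(a, b) {
  return new URL(a).origin === new URL(b).origin;
}

// Browser side: choose the URL a page may pass to XMLHttpRequest.open().
// Same-origin targets are used directly; anything else is routed through
// /proxy on the page's own server, so the request stays same-origin.
function xhrUrlFor(pageUrl, target) {
  const resolved = new URL(target, pageUrl); // relative URLs resolve against the page
  if (resolved.origin === new URL(pageUrl).origin) return resolved.href;
  const proxy = new URL("/proxy", pageUrl);
  proxy.searchParams.set("url", resolved.href);
  return proxy.href;
}

// Server side (application A): validate a /proxy request before fetching on the
// page's behalf. Returns the upstream URL to fetch, or null to refuse.
// Without the allowlist, any visitor could make A's server fetch any host it can reach.
function proxyTarget(requestUrl, serverOrigin) {
  const req = new URL(requestUrl, serverOrigin);
  if (req.pathname !== "/proxy") return null;
  const raw = req.searchParams.get("url");
  if (!raw) return null;
  let upstream;
  try {
    upstream = new URL(raw);
  } catch {
    return null; // not an absolute URL
  }
  if (upstream.protocol !== "http:" && upstream.protocol !== "https:") return null;
  if (upstream.username || upstream.password) return null; // no embedded credentials
  return ALLOWED_UPSTREAMS.has(upstream.origin) ? upstream.href : null;
}
```

The server would then fetch the returned URL itself and relay the response body to the page; a null result should be answered with an error status rather than forwarded.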

You are welcome to leave a message to discuss Ajax cross-origin issues ~
