About JavaScript access to SOAP-based webservice cross-domain issues

About JavaScript access to SOAP-based webservice cross-domain issues

Recently, a SOAP-based webservice server was built. As a result, accessing WebService with JavaScript encounters a cross-domain problem!

First, the declaration code in the webservice is not I build, because my server address is not convenient to open.

This is the test HTML

<HTML>    <MetaCharSet= "Utf-8" />    <Head>        <title>Calling the WebService service through Ajax</title>        <Script>                        varXHR= NewXMLHttpRequest (); functionsendmsg () {varname=document.getElementById ('name'). Value; //address of the service                varWsurl= 'Http://webservice.webxml.com.cn/WebServices/WeatherWS.asmx'; //Request Body                varSoap= '<soapenv:envelope xmlns:soapenv= "http://schemas.xmlsoap.org/soap/envelope/" xmlns:q0= "http://ws.itcast.cn /"xmlns:xsd=" Http://www.w3.org/2001/XMLSchema "xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance ">' +                                      '<soapenv:body><getregioncountry xmlns= "http://WebXml.com.cn/"/></soapenv:body> </ Soapenv:envelope>'; //Open ConnectionXhr.open ('POST', Wsurl,true); //Reset the request headerXhr.setrequestheader ("Content-type","Text/xml;charset=utf-8"); Xhr.setrequestheader ("SOAPAction","Http://WebXml.com.cn/getRegionCountry"); //Setting the callback functionXhr.onreadystatechange=_back; //Send Requestxhr.send (SOAP); }                        function_back () {if(Xhr.readystate== 4){                    if(Xhr.status==  $){                            //alert (' Call WebService succeeded ');                            varret=Xhr.responsexml; varmsg=Ret.getelementsbytagname ('return')[0]; document.getElementById ('Showinfo'). InnerHTML=Msg.text; //alert (msg.text);                        }                }            }        </Script>    </Head>    <Body>            <inputtype= "button"value= "Send SOAP request"onclick= "sendmsg ();">            <inputtype= "text"ID= "Name">            <DivID= "Showinfo">            </Div>    </Body></HTML>

After the browser presses F12:

Appear

At present, look on the Internet through the JSONP, that is, SRC server-side JS, and then pass the data through the callback function.

However, this has to have a premise: server side to cooperate with you ah, if you and the server side is not a gang, then coordination is a problem ah!

In addition, for the server side, this practice is not safe wow!

For JavaScript's same-origin strategy, it does a good job of improving security! However, it also restricts the development of mobile-only app! of pure html5+js.

At present, I have given up using JavaScript to access WebService, I use pure HTML5 to develop mobile apps, it is also debatable!

Insurance practice is, html5+js do interface, native language do backend!

Well, I do not see Html5+js than the Android XML, WP Xlam a lot better ...

In addition, I for QT cross-platform, expressed great favor!

I hope I can have a great God. JavaScript cross-domain problem, not only to ensure the convenience of customer service, but also ensure the security of the server side!

2014-12-19

About JavaScript access to SOAP-based webservice cross-domain issues