Ajax cross-origin request

Cross-origin AJAX Solution

Recently, the architecture group in the company is discussing AJAX in a heated manner. In the end, we will inevitably talk about how to cross-origin, because from the day when AJAX was born, the problem that XMLHttprequest objects cannot cross-origin requests in firefox persists. It is obviously unrealistic to wait for the browsers to solve this problem, smart Web developers have long thought of a series of methods to solve this problem. The following are two good methods:

1. intermediate layer transition mode:

The intermediate transition, obviously, is to add a transitional layer between AJAX and servers in different domains for communication, this layer transition can be PHP, JSP, c ++, and other languages with network communication functions. The middle layer reads data to servers in different domains. Take PHP as an example. If you need to communicate with a php in different domains, the xmlhttprequest on the client first queries a PHP in the current domain, then, the PHP in the current domain communicates with PHP in different domains, and then the PHP in the current domain outputs response;

2. Use the <script> label

This method uses the src in the <script> tag to query a PHP to obtain the response, because the src attribute of the <script> tag does not have a cross-origin issue.

Let's take a look at the following example:

＜script LANGUAGE="Javascript" src="" id="get"＞ ＜/script＞ ＜script LANGUAGE="Javascript"＞ ＜!-- function get(url) { var obj = document.getElementById("get"); obj.src = url; (obj.readStatus == 200) { alert(param); } } function query() { get(get.php); } //--＞ ＜/script＞ ＜BODY＞ ＜INPUT TYPE="button" value="CLICK ME" onclick="query()"＞ ＜/BODY＞ ＜/HTML＞

The get. php code is:

 

＜?php echo "var param = 'www.achome.cn'"; ?＞

The final running result is that when you click the button, a dialog box with the content "www.achome.cn" will appear.

This method is also called ajaj or ajax without xmlHttprequest. It replaces x with j Because xml and xmlHttprequest are not used when the <script> tag is used.

I have seen many people reluctant to face up to the technical bottlenecks of ajax. In fact, AJAX should be more Ajax than AJAX, highlight the first A is to emphasize that AJAX is actually A method of asynchronous transmission, rather than the specific technology used in the end.

 

 

Obtain the webpage source code in asp and implement cross-Origin

 

I have been studying how to remove the frameworks on pages that translate my blog from google over the past few days. Finally, I come to the conclusion that there is no perfect solution. For more information, see blog-http://www.daokers.cn/article/original/451.htm
We know that static programs are executed locally after we download the web page from the server, while dynamic web pages are executed on the server and then returned to us for execution, this is the so-called dynamic. Then we can start from these two aspects to obtain the webpage source code. Next I will explain in detail how to obtain the source code of the webpage, how to implement cross-origin and how to transmit js values from testing the usg value translated by google.
Objective: To obtain a token.
The first method is to execute a program locally to obtain the source code of the specified webpage, which is completed by adding the xmlhttp component to the js Code.
In the test. js file. Program code function translate (){
Var currentUrl = window. location. href; // obtain the current page address or another website address
Var translateUrl = "http://www.daokerstest.com/test.asp&u=" + currentUrl
Var xmlhttp = new ActiveXObject ("Microsoft. XMLHTTP ");
Xmlhttp. open ("GET", translateUrl, false );
Xmlhttp. send ();
Var myString = xmlhttp. responseText; // obtain the returned source code value.
Document. write (myString) // output this value
}

The second method is the simplest, but the biggest problem is that if you want to obtain the source code of another website, there is a cross-origin problem. The code is stored in xmlhttp. open ("GET", translateUrl, false); cannot be executed, so we can let this code be executed on the server and then passed back, that is, the cross-origin problem is solved through proxy.
Here only one proxy page can be used to obtain the source code of the target page, here the proxy page is the http://www.daokerstest.com/daili.asp
In the test. js file. Program code function translate (){
Var currentUrl = window. location. href; // obtain the current page address or another website address
Var translateUrl = "http://www.daokerstest.com/daili.asp&u=" + currentUrl
Var xmlhttp = new ActiveXObject ("Microsoft. XMLHTTP ");
Xmlhttp. open ("GET", translateUrl, false );
Xmlhttp. send ();
Var myString = xmlhttp. responseText; // obtain the returned source code value.
Document. write (myString) // output this value
}

Daili. asp code: program code <script language = "JScript" runat = "server">
Function getusg (){
Var getusgUrl = "http://www.daokerstest.com/test.asp&u=" + (Request. Item ("id"). Item | "");
Var xmlhttp = new ActiveXObject ("Microsoft. XMLHTTP ");
Xmlhttp. open ("GET", getusgUrl, false );
Xmlhttp. send ();
Var myString = xmlhttp. responseText;
Return myString;
}
Response. Write (getusg ());
</Script>

Here, the transfer of values between asp and js is involved. This method is quite practical. It was told by the Blue ideal xiaoqin. At the beginning, I used string = request ("id") to get the request, and then called <% = string %> in js. The call failed all the time. The last reminder from Qin made me dream. I seriously ignore the execution sequence of js and asp in server. In server, js is executed first and then asp code is executed. So when js calls the string value, asp code has not been executed to obtain the id value! Request. Item ("id"). Item can be used to directly obtain the parameter value in js, thus successfully achieving cross-origin access restriction bypass.
The third method is that js can obtain the webpage source code, and asp can also, and there is no cross-origin issue. The js Code remains unchanged.
Daili. asp code: program code <%
Function getHTTPPage (url)
Dim Http
Set Http = server. createobject ("MSXml2.XmlHTTP ")
Http. open "GET", url, false
Http. send ()
If Http. readystate <> 4 then
Exit function
Else
If Http. status = 200 Then
Response. write replace (BytesToBstr (http. responseBody, "gb2312"), chr (10 ),"")
End If
End if
GetHTTPPage = bytesToBSTR (Http. responseBody, "GB2312 ")
Set http = nothing
If err. number <> 0 then err. Clear
End function
Function BytesToBstr (body, Cset) 'to convert the code. Otherwise, all the code is garbled.
Dim objstream
Set objstream = Server. CreateObject ("adodb. stream ")
Objstream. Type = 1
Objstream. Mode = 3
Objstream. Open
Objstream. Write body
Objstream. Position = 0
Objstream. Type = 2
Objstream. Charset = Cset
BytesToBstr = objstream. ReadText
Objstream. Close
Set objstream = nothing
End Function
Dim Url, Html, Usg, id
Id = Request ("id ")
Url = "http://www.daokerstest.com/test.asp&u=" + id
Html = getHTTPPage (Url)
Response. write Html
'This code is modified from http://www.stubc.com/thread-465-1-3.html
%>

This is to obtain the parameters directly using request in asp, and then obtain the source code of the specified webpage.

From the above example, we can see that XmlHTTP is used to obtain the webpage source code of another site. As long as the code is executed on the server, there is no cross-origin issue.