Cross-origin request

XMLHttpRequest cannot loadhttp://localhost/MongoTest/person.php. Origin http://localhost:81 is not allowed by Access-Control-Allow-Origin.

Cross-origin request rejected due to same-origin policy

Solution:

1. Use the <SCRIPT> tag

The browser will block Ajax requests from non-same-source content, but there is no restriction on the <SCRIPT> tag to access non-same-source content, and there is no restriction on dynamic addition of the <SCRIPT> tag, so we can use this method to break this restriction.

<script type="text/javascript" src="http://localhost:80/MongoTest/person.php" ></script>

Dynamic addition: Creates a script tag, assigns a value to SRC, and adds it to the HTML document through DOM operations.

2. jsonp

Jsonp (JSON with padding) is a protocol used by the server and client to collaborate with each other to complete cross-origin requests. The client sends requests to the server with the callback function attached, the server returns the corresponding JS Code. This code is used to execute the callback function, and the parameter is the JSON data returned by the server. When a client initiates a cross-origin request, a specific callback function is required. For example, the request http: // localhost: 80/each test/person. php? Callback = sayhello, callback is the callback function, and the server also needs to extract the callback function name through callback. Therefore, the specific parameter must be consistent between the client and the server; otherwise, cross-origin cannot be implemented. Use jquery to implement jsonp

$. Ajax ({type: "Get", async: false, URL: "http://www.xxx.com/ajax.do", datatype: "jsonp", jsonp: "callbackparam ", // The parameter jsonpcallback of the function name used by the server to receive callback calls: "success_jsonpcallback", // The function name success of callback: function (JSON) {alert (JSON ); alert (JSON [0]. name) ;}, error: function () {alert ('fail ');}});

public void ProcessRequest (HttpContext context) {    context.Response.ContentType = "text/plain";    String callbackFunName = context.Request["callbackparam"];    context.Response.Write(callbackFunName + "([ { name:\"John\"}])");}

 

 

Cross-origin request