jquery resolves client cross-domain access issues _jquery

Client-side "Cross-domain access" has been a headache, but with jquery to help, the cross-domain problem will be solved after jQuery-1.2. Due to the Cross-domain problem in the project, I take this opportunity to find out the cross-domain problem, consult the relevant data and own practice, which solves the problem of cross domain. are recorded for inspection.

Jquery.ajax () supports a cross domain of Get mode, which is actually done in a JSONP way.

Real Case:

Copy Code code as follows:

$.ajax ({
Async:false,
URL: ' http://www.mysite.com/demo.do ',//cross-domain URL
Type: ' Get ',
DataType: ' Jsonp ',
JSONP: ' Jsoncallback ',//default callback
Data:mydata,
timeout:5000,
Beforesend:function () {//jsonp mode This method is not triggered. The reason may be that datatype, if specified as JSONP, is no longer an AJAX event.
},
Success:function (JSON) {//client jquery predefined callback function that dynamically performs this callback function after successfully acquiring JSON data on a cross-domain server
if (json.actionerrors.length!=0) {
alert (json.actionerrors);
}
Gendynamiccontent (Qsdata,type,json);
},
Complete:function (XMLHttpRequest, Textstatus) {
$.unblockui ({fadeout:10});
},
Error:function (XHR) {
Jsonp way This method is not triggered
Request Error Handling
Alert (Please check the correlation network condition for errors);
}
});

Attention:

Copy Code code as follows:

$.getjson ("http://www.mysite.com/demo.do?name1=" +value1+ "&callback=?",
function (JSON) {
if (JSON. property name = = value) {
Executing code
}
});

This is actually an advanced encapsulation of the previous example $.ajax ({.}) API, and some $.ajax API low-level parameters are encapsulated and invisible.

At the server end of the Request.getparameter ("callback") get the jquery side to be recalled later jsonp32440980
It then returns a similar: "jsonp32440980 (" + JSON array to return + ");
jquery dynamically loads the call through the callback method: jsonp32440980 (JSON array);
This achieves the goal of cross domain data exchange.
Jsonp's basic principle is: Dynamically add a is consistent (QQ space is a lot of this way to achieve cross-domain data exchange). JSONP is a scripting Injection (script injection) behavior, so there are some security risks.

Note: Jquey is not supported for post-domain cross-domain.
This is because although the use of post + dynamic generation of IFRAME can achieve the purpose of the post Cross-domain (there is a JS cow is the way to jquery1.2.5 dozen patch), but this is a more extreme way, not recommended. It can also be said that the cross domain of Get mode is legal, post method is considered illegal from the security point of view, it is necessary or not to post,client the requirement of cross domain access to the end of the world. The HTML5 WebSocket standard supports Cross-domain data exchange, It should also be a future choice for Cross-domain Data interchange solutions.