"Javascript" handles JS interviews - cross-domain questions

Others 2022-05-23 13:24:44 views: 0
1. What is cross-domain?

As long as there is any difference in protocol, domain name, and port, it is cross-domain.

Second, why not cross-domain?

Browsers have a same-origin policy to keep users safe.

Without this strategy, website a can operate the pages of website b, which will cause confusion on the pages of website b, and even obtain information, including the session sent from the server.

3. Cross-domain solutions

1. JSONP
solution

0) Browsers can import JS files in different domains, and use this feature to achieve cross-domain.

1) Directly on the a.com page, add a script tag, the src attribute is the page url of the b website, and pass in a callback parameter.

<script> function dosomething(jsonData){

2) The handlerData.php of the b website, the actual operation is: generate a piece of executable JS code and call the dosomething function you passed in.

Detailed introduction: http://www.cnblogs.com/2050/p/3191744.html
Common solutions for application scenarios
Request method get: It essentially downloads a resource file.

2. Document.domain
application scenario Two conditions

must be met

: 1) The flame frame is embedded in the page.

2) The main domain, protocol, and port of the current page and the page in the iframe must be exactly the same.
Solution

For example, the page address is http://a.baidu.com/, and the embedded iframe is http://b.baidu.com/

Setting the document.domain of the page and the iframe respectively to: baidu.com, the problem can be solved. 3. Use the window.postMessage solution

in H5 The window.postMessage(message, targetOrigin) method is a new feature introduced by html5, which can be used to send messages to other window objects, no matter whether the window objects belong to the same origin or different origins , IE8+, FireFox, Chrome, Opera and other browsers already support the window.postMessage method. Application scenarios 1) Data transfer between pages and their opened new windows 2). Message transfer between multiple windows 3). Page and nested iframe message transfer Details : http://www.cnblogs.com/dolphinX/p /3464056.html 4. CORS Solution Solution CORS defines a mechanism for cross-domain access, which enables AJAX to achieve cross-domain access. CORS allows web applications on one domain to submit cross-domain AJAX requests to another domain. Implementing this functionality is as simple as sending a response header by the server. header("Access-Control-Allow-Origin", "*");
























Guess you like

Origin http://10.200.1.11:23101/article/api/json?id=326803976&siteId=291194637
Recommended
Ranking
ACCESS Group leads the trend of health, scarce raw materials and leading technology help brands ride the wind and waves in the big health industry
500 threads operate int objects at the same time [java multi-thread shared variable]
アート テンプレート レンダリングの基本構文
Vue sends asynchronous request
Ubuntu vs code next update
Description of classes and objects
780. Reaching the End: Number Theory Reasoning and Analysis Questions
OpenCV (image processing) - based on python-filter (how to use low-pass and high-pass filters)
FFmpeg learning (4) - Embed subtitles to the video
The calc( ) property in CSS3
Daily
More
2024-07-26(0)
2024-07-25(0)
2024-07-24(0)
2024-07-23(0)
2024-07-22(0)
2024-07-21(0)
2024-07-20(0)
2024-07-19(0)
2024-07-18(0)
2024-07-17(0)

Code World

© 2018 codetd.com