Home >Web Front-end >JS Tutorial >What is ajax cross-domain access
AJAX cross-domain access means that when a user visits website A, all cross-domain access requests to website B are submitted to the designated page of website A. That is, Ajax requests a web resource whose target address is a non-local domain (the protocol, domain name, and port are any different), and obtains external application data based on the response.
Ajax requests a web resource whose target address is a non-local domain (the protocol, domain name, and port are any different), and obtains external application data based on the response. For example, when we use Ajax to access public service interfaces such as city weather forecast and IP address, cross-domain is involved. When we request an external service, the browser denies authorized access based on security issues.
The src attributes of script, script, and iframe tags do not have cross-domain problems, so Ajax cross-domain takes advantage of this and JS's support for JSON. The external service only needs to respond to a JS code for the Ajax request. Or JSON data can be obtained by Ajax.
Due to security reasons, client js can only use xmlhttprequest to send requests to the source website. For example, it is not possible to request data from test.readlog.cn at www.readlog.cn. However, there are many solutions. Let’s sort it out here.
Solution 1 Web proxy method (on Server A)
This page replaces the user page to complete the interaction, thereby returning appropriate results. This solution can solve most of the cross-domain access problems that can be thought of at this stage, but it requires website A to provide Web proxy support. Therefore, website A and website B must cooperate closely, and each interaction process, the server of website A The burden increases, and the session state cannot be saved on behalf of the user.
Solution 2. on-Demand method (on Server A)
MYMSN’s portal uses this method, but MYMSN does not involve cross-domain access issues . Dynamically generate new
Solution 3. iframe method (on Server A)
I have viewed a post about cross-domain access on JavaEye that woke up. He mentioned that he had solved the cross-domain access problem using iframe. It is indeed possible to use iframe for data submission and acquisition, but since the parent window and the child window cannot interact (in the case of cross-domain access, this interaction is rejected), the effect on the parent window cannot be completed.
Embed or dynamically generate IFRAME pointing to other websites in the page, and then the two web pages can transmit messages by changing each other's anchor hash fragment. Changing the anchor hash fragment of a web page does not cause the browser to reload the web page, so the state of a web page is maintained, and the web page itself can detect changes in its anchor hash through a timer, and thus change its own anchor hash fragment accordingly. state.
Solution 4. User local dump method (local)
The characteristics of IE itself attached to the windows platform provide us with an iframe-based method that uses memory to "bypass" "The solution is that data can be transmitted between two windows through the windows clipboard on the client. It only needs to set the Interval on the side receiving the data for polling, and clear the Interval after getting the result. FF's platform independence determines that it does not support the clipboard method, and the plug-in vulnerability in previous versions of FF has been fixed, so FF cannot complete the secret crossing through memory. And since FF does not provide support for file operations (data transfer cannot be completed across domains through cookies), this technical method can only be used in IE.
Solution 5: (In fact, the problem of communication with server B is solved by using iframe on server A)
The problem to be solved: occurs when the user submits the web page URL (also Including Tag, Notes, etc.) to the bookmark server.
There are at least three ways to submit URLs:
1. Log in to the submission page of the Bookmark server and submit the URL to be collected to the server through this page.
2. Install the browser plug-in and submit the URL to the server through the plug-in.
3. Dynamically load the javascript gadget from the Bookmark server to the current page, and use it to complete the submission work.
The first method is the easiest to develop, but it is more troublesome for users. Each time they need to log in to the Bookmark server to complete the submission; the second method is not familiar to me in plug-in development, and users are not familiar with it either. I like too many plug-ins to fill my browser; the third method is easy to develop and avoids the trouble of logging into the server every time, so I finally adopted it. In addition to generating a UI for users to fill in information (URL, tag, notes, etc.), the dynamically loaded javascript gadget in the third method also needs to complete the function of communicating with the server when the user clicks submit.
The above is the detailed content of What is ajax cross-domain access. For more information, please follow other related articles on the PHP Chinese website!