开发者

AJAX: overcome same origin policy

How do we overcome same origin policy while 开发者_开发技巧implementing AJAX?


Typically, this is accomplished by implementing JSONP script generation on the server, so that generated script calls your callback after it is loaded and executed.

Basically what you need to do is to add script element (with src set to your source url). The script served should, execute a function call to your supplied callback (sent via URL parameter).

Some Ajax frameworks support this kind of communication out of the box, e.g. jQuery.

Also some publicly available services, support JSONP Ajax communication, e.g. Twitter (via callback parameter).


One way would be to AJAX a dynamic page on your site which makes some sort of XMLHTTP request to an external site. This will fetch the external page from the servers point of view though, not the users.

You shouldn't ever be able to access external pages/sites from clients point of view with native scripts.


For bypassing same origin policy, you should create a proxy and then send the request through proxy...

See detailed answer here

Click here for Script for proxy setting

Additional note, I think firefox 3.5 and more automatically bypasses the same origin policy for ajax..


One option - if the server you want to access provides it - is to use JSONP.


There are many ways to overcome this issue. As said above, the most easy way is to use JSONP in your code.

Another way is to use something called CORS Proxy Alternatives. You can click here to learn more.

You could even use AJAX along with YQL or jQuery. You can click here to see how to do that

Hopefully, that helps!

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜