Opera 不会加载一些 JavaScript 文件 [英] Opera won't load some JavaScript files

问题描述

我有一个在 IFRAME 中加载的网页，它可以在 IE 和 Firefox 中正确运行，但不能在 Opera 中正常运行.我讨厌，因为我多年来一直是 Opera 用户.我写了这个东西.:-)

问题是 Opera 没有加载组成页面的一些 JavaScript 文件.我怀疑这与以下事实有关:页面本身是通过 HTTPS 加载的，而包含的文件是通过来自不同主机和端口的 HTTP 加载的.我相信 Opera 允许这样做，但 Dragonfly 的 Net 选项卡甚至没有显示尝试加载它们.

页面是一个Rally自定义应用程序"，我无法控制它被加载的事实在 IFRAME 中或通过 HTTPS 加载.我也无法控制包含的文件是从不同的主机加载的，或者主机只支持 HTTP 的事实.所以我有点被混合内容困住了.

除其他内容外，页面的 HEAD 元素包含(稍微清理):

<script src="http://www.example.com:81/common/jquery-1.4.2.js"></script><script src="http://www.example.com:81/common/jsTree/jquery.jstree.js"></script><script src="http://www.example.com:81/common/utils_jserror.js"></script><script src="http://www.example.com:81/common/utils_logging.js"></script><script src="http://www.example.com:81/common/utils_print_r.js"></script><script src="http://www.example.com:81/common/utils_rally_query.js"></script><script src="http://www.example.com:81/common/json2.js"></script><script src="/slm/js/slm.js"></script><script src="/slm/js-lib/dojo/rally-1.3.1/dojo/dojo.js.uncompressed.js"></script><script src="/slm/mashup/1.18/js/batch-toolkit.js"></script><script src="/slm/mashup/1.18/js/utilities.js"></script>

所有/slm/..."内容正在加载，NONEwww.example..."内容正在加载.>

有人知道我做错了什么吗?

解决方案

Opera 有一项称为跨网络保护的功能.基本上，它对来自 Internet 的页面可以对本地网络上的内容执行哪些操作施加了一些额外限制.

此功能存在的原因是所谓的网络钓鱼场"漏洞利用的出现，其中发现一些流行的家用路由器/调制解调器的基于 HTTP 的配置屏幕的安全性非常差，恶意网页可以重写您的路由器设置 - 例如将其配置为使用代理并通过恶意服务器管理您的所有流量.为了解决这个问题，Opera 知道某些 IP 地址并未在公共网络上使用(例如 127.0.0.1 或 192.168.*)，并且它不允许来自公共"站点的页面加载文件或向本地"站点.

您可以在每个站点的基础上重新配置它.最简单的事情可能是在公共"站点上添加一个 IFRAME，从本地服务器加载资源之一.IFRAME 将显示带有一些选择加入链接的跨域请求"警告页面.单击始终允许来自该服务器的本地请求的链接，瞧 - 您的跨网络应用现在应该可以再次运行了.

(添加一个IFRAME就像查看源码一样简单，添加<iframe src="http://local/whatever/included/file.js"></iframe>,保存，和工具>高级>从缓存重新加载")

I have a web page that loads in an IFRAME, that runs correctly in IE and Firefox but not in Opera. Which I hate, because I've been an Opera user for years. And I wrote this thing. :-)

The problem is that Opera is not loading some of the JavaScript files that comprise the page. I suspect that it is related to the fact that the page itself is loaded via HTTPS and the included files via HTTP from a different host and port. I believe Opera allows that, but Dragonfly's Net tab doesn't even show an attempt to load them.

The page is a Rally "custom app", and I can't control the fact that it is loaded in an IFRAME or that it loads via HTTPS. I also can't control the fact that the included files are loaded from a different host, or that the host only supports HTTP. So I'm sorta stuck with mixed content.

Among other stuff, the page's HEAD element contains (sanitized a bit):

<script src="http://www.example.com:81/common/jquery-1.4.2.js"></script>
<script src="http://www.example.com:81/common/jsTree/jquery.jstree.js"></script>
<script src="http://www.example.com:81/common/utils_jserror.js"></script>
<script src="http://www.example.com:81/common/utils_logging.js"></script>
<script src="http://www.example.com:81/common/utils_print_r.js"></script>
<script src="http://www.example.com:81/common/utils_rally_query.js"></script>
<script src="http://www.example.com:81/common/json2.js"></script>
<script src="/slm/js/slm.js"></script>
<script src="/slm/js-lib/dojo/rally-1.3.1/dojo/dojo.js.uncompressed.js"></script>
<script src="/slm/mashup/1.18/js/batch-toolkit.js"></script>
<script src="/slm/mashup/1.18/js/utilities.js"></script>

ALL of the "/slm/..." stuff is getting loaded, and NONE of the "www.example..." stuff is.

Anybody got an idea what I'm doing wrong?

解决方案

Opera has a feature called cross-network protection. Basically it places some extra limitations on what pages from the internet can do with stuff on your local network.

The reason this feature exists, is the emergence of the so called "phish farm" exploits, where it was discovered that the HTTP-based config screens of some popular home routers / modems were so poorly secured that malicious web pages could rewrite your router settings - for example to configure it to use a proxy and pipe all your traffic through a malicious server. To counter this, Opera knows that some IP addresses are not used on the public web (such as 127.0.0.1 or 192.168.*) and it doesn't allow pages from a "public" site to load files or send requests to a "local" site.

You can reconfigure this on a per-site basis. The easiest thing is probably adding an IFRAME on the "public" site loading one of the resources from the local server. The IFRAME will show a "cross-domain request" warning page with some opt-in links. Click the link for always allowing local requests from that server, and voila - your cross-network app should now work again.

(Adding an IFRAME is as easy as viewing source, adding <iframe src="http://local/whatever/included/file.js"></iframe>, saving, and "Tools > Advanced > Reload from cache" )

这篇关于Opera 不会加载一些 JavaScript 文件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！