jQuery跨域错误 [英] jQuery Cross Domain Errors
问题描述
我们在jsp文件中包含了一个完整的url,它会返回一个字符串,但在IE和FF
有没有办法解决这个问题?
$ .ajax(
{
type:post,
url:http://www.mydomain.com/my.jsp,
data:{ string:some string},
success:doSuccess
}
使用$ .get是否有XSS问题?是什么意思?
您可以将输出重新格式化为JSONP。
http://api.jquery.com/jQuery.getJSON/
仅供参考,您的浏览器阻止此操作的原因是为了防止跨域脚本攻击: http://en.wikipedia.org/wiki/Cross-site_scripting 。 JSONP为您的字符串添加了padding,防止字符串成为威胁。
We are doing a jQuery post out to a jsp file.
We are including the full url to the jsp file that will return a string but in IE and FF the request is being blocked.
Is there a way around this?
$.ajax(
{
type : "post",
url : "http://www.mydomain.com/my.jsp",
data : {string:"some string"},
success:doSuccess
}
Changing the post to a get net's us the same data but would it also cause an XSS issue?
does using $.get have XSS issues?
You can reformat your output as JSONP. Full description here:
http://api.jquery.com/jQuery.getJSON/
Just for reference, the reason that your browsers are blocking this is to prevent cross domain scripting attacks: http://en.wikipedia.org/wiki/Cross-site_scripting . JSONP adds 'padding' to your string and prevents the string becoming a threat.
这篇关于jQuery跨域错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!