有没有办法绕过Javascript / jQuery的本地访问相同的原始策略? [英] Is there a way to bypass Javascript / jQuery's same origin policy for local access?
问题描述
尝试使用 ajax
, getJSON
,以及类似的函数从本地获取外部URL(非-server)开发计算机。有没有办法绕过相同的原始策略,以便我可以在本地测试,而不必上传到服务器?
Trying to use ajax
, getJSON
, and functions like that to fetch an external URL from a local (non-server) development computer. Is there a way to bypass the same origin policy, so that I can test locally, instead of having to upload to a server?
推荐答案
这是一个简单的答案:chrome --disable-web-security
Here's the simple answer: chrome --disable-web-security
源代码(chrome_switches.h):
From the source code (chrome_switches.h):
// Don't enforce the same-origin policy. (Used by people testing their sites.)
const char kDisableWebSecurity[] = "disable-web-security";
我想使用jquery.js将AJAX调用发送到在端口8080上运行的Google Apps python服务器仅仅是为了测试,我想在同一台机器上运行浏览器和服务器。
I wanted to use jquery.js to send AJAX calls to a Google Apps python server running on port 8080. Just for testing, I wanted to run the browser and the server on the same machine.
我不了解所有的安全细微差别,但对于临时开发似乎像一个合理的解决方法。只要我只使用chrome来测试这个标志,它应该不是问题。
I don't understand all the security nuances, but for temporary development it seems like a reasonable workaround. So long as I only use chrome for testing with this flag, it shouldn't be a problem.
这是Mac OS X的整个命令:
Here's the whole command for Mac OS X:
/ Applications / Google \ Chrome.app/Contents/MacOS/Google\ Chrome --disable-web-security
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --disable-web-security
这篇关于有没有办法绕过Javascript / jQuery的本地访问相同的原始策略?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!