有没有办法绕过Javascript / jQuery的本地访问相同的原始策略？ [英] Is there a way to bypass Javascript / jQuery's same origin policy for local access?

问题描述

尝试使用 ajax ， getJSON ，以及类似的函数从本地获取外部URL（非-server）开发计算机。有没有办法绕过相同的原始策略，以便我可以在本地测试，而不必上传到服务器？

Trying to use ajax, getJSON, and functions like that to fetch an external URL from a local (non-server) development computer. Is there a way to bypass the same origin policy, so that I can test locally, instead of having to upload to a server?

推荐答案

这是一个简单的答案：chrome --disable-web-security

Here's the simple answer: chrome --disable-web-security

源代码（chrome_switches.h）：

From the source code (chrome_switches.h):

// Don't enforce the same-origin policy.  (Used by people testing their sites.)
const char kDisableWebSecurity[]            = "disable-web-security";

我想使用jquery.js将AJAX调用发送到在端口8080上运行的Google Apps python服务器仅仅是为了测试，我想在同一台机器上运行浏览器和服务器。

I wanted to use jquery.js to send AJAX calls to a Google Apps python server running on port 8080. Just for testing, I wanted to run the browser and the server on the same machine.

我不了解所有的安全细微差别，但对于临时开发似乎像一个合理的解决方法。只要我只使用chrome来测试这个标志，它应该不是问题。

I don't understand all the security nuances, but for temporary development it seems like a reasonable workaround. So long as I only use chrome for testing with this flag, it shouldn't be a problem.

这是Mac OS X的整个命令：

Here's the whole command for Mac OS X:

/ Applications / Google \ Chrome.app/Contents/MacOS/Google\ Chrome --disable-web-security

/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --disable-web-security

这篇关于有没有办法绕过Javascript / jQuery的本地访问相同的原始策略？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！