什么是跨域问题 [英] What is the cross domain issue
问题描述
如果我在这里问一个愚蠢的问题,请不要嘲笑我。
If I asked a stupid question here, Please don't laugh at me .
我已经多次听到跨域问题
,但实际上并没有真正参与其中。所以我在谷歌搜索它。但发现很多帖子都在谈论进行ajax调用时的跨域问题
。甚至没有找到一篇文章来说明跨域问题究竟是什么,以及为什么不允许跨域?更多的问题是,如果我说跨域问题,是否意味着我向不同的域提出了错误的ajax请求?任何其他情况会导致此问题?谢谢。
I have being heard Cross Domain Issue
many times, But not really get involved in it in real case. So I searched it in the google. But found many posts are talking about The cross domain issue when make a ajax call
. Not found even a post to tell about what exactly cross domain issue is, and why the cross domain is not allowed? and more question is if I say the cross domain issue, does it mean I made a wrong ajax request to different domain? Any other cases would cause this issue? Thanks.
我读过的帖子是
" No'Access-Control-Allow-Origin'标题出现在请求的资源上
推荐答案
这是一个安全限制,可以阻止从一个源到另一个源的请求。
This is a security restriction that prevents requests being made from one origin to another.
例如,它将阻止 https://
页面点击 http://
地址,因为协议不同。
For example, it will prevent an https://
page hitting an http://
address because the protocol is different.
它将停止 example.com
调用 another.com
,因为它是一个不同的域。
It will stop example.com
calling another.com
because it is a different domain.
它将停止 www.example.com
致电 subdomain.example.com
因为它是一个不同的子域。
It will stop www.example.com
calling subdomain.example.com
because it is a different sub domain.
它将停止 example.com:80
调用 example.com:8080
因为它是一个不同的端口。
And it will stop example.com:80
calling example.com:8080
because it is a different port.
可以使用JSONP发出跨源请求(如果您信任服务器!)或使用CORS请求(跨源资源共享),客户端和服务器必须同意(如果您需要,我可以提供更多详细信息)。
It is possible to make cross-origin requests either using JSONP (if you trust the server!) or using a CORS request (Cross-Origin Resource Sharing), which both client and server must agree to (I can supply more details if you need it on this).
这篇关于什么是跨域问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!