我可以使用 Java 小程序违反同源策略吗 [英] Can I violate the same-origin policy with a Java applet

问题描述

我需要请求事物并从其他域获取信息.我知道由于同源策略，javascript 无法做到这一点.我的另一个选择是通过我的服务器发出代理请求.我不希望请求来自我的服务器的 IP，也不希望为我的服务器创建额外的负载，并且希望客户端这样做.

I need to request things and get information from other domains. I know javascript can not do this due to the same origin policy. My other option is to make proxy requests through my server. I do not want the requests coming from my server's IP nor do I want to create additional load for my server and would prefer the client do it.

是否可以使用 Java 小程序来执行此操作?手动配置安全设置不是问题.

Is it possible to use a Java applet to do this? Manually configuring security settings is not an issue.

推荐答案

Java 小程序确实实现了同源策略，与 Flash 的方式非常相似.如果目标服务器没有正确定义的可公开访问的 crossdomain.xml，Java 将阻止基于小程序的跨域调用.

Java applets do implement the same origin policy, much the same way as Flash. Java will prevent applet-based cross-origin calls if the target server does not have a properly defined publicly accessible crossdomain.xml.

一个简单的 crossdomain.xml 看起来像这样:

A simple crossdomain.xml would look like this:

<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="*" />
</cross-domain-policy>

这篇关于我可以使用 Java 小程序违反同源策略吗的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！