Internet Explorer 中跨站点请求的访问控制 [英] Access control for cross site requests in Internet Explorer

问题描述

我正在尝试从多个域向一个将处理请求的域进行 AJAX 调用.通过在处理服务器上设置标头，可以轻松地在 Firefox 和 Chrome 中启用跨域:

I am trying to make an AJAX call from several domains to a single one which will handle the request. Enabling Cross domain in Firefox and Chrome was easy by setting the header on the handling server:

header("Access-Control-Allow-Origin: *");

但这无助于在 Internet Explorer 中启用它.当我尝试时:

But this doesn't help enabling it in Internet Explorer. When I try:

httpreq.send('');

它因错误访问被拒绝而停止.

it stops with error Access denied.

如何在 Internet Explorer 中启用此功能?

How can this be enabled in Internet Explorer?

推荐答案

我不相信您可以直接在 Internet Explorer 中做到这一点.您有几个选择:

I don't believe you can do that directly in Internet Explorer. You have a couple of options:

• 在您控制的可以转发 Ajax 请求的服务器上设置代理转发脚本.确保它只转发到您需要的适当目的地，以免您变成匿名中继.

• Set up a proxy forwarding script on the server you do control that can forward the Ajax requests. Make sure that it only forwards to the appropriate destinations that you need so that you don't get turned into an anonymous relay.

使用 document.domain 技巧.基本上，您需要创建一组 iframe，用于需要进行 Ajax 调用的每个服务器.在每个 iframe 中，将 document.domain 属性设置为与您需要将 Ajax 请求发送到的域完全匹配.至于如何填充必要的数据，请在设置 document.domain 之前使用 DOM 操作.请注意，此技巧要求目标服务器位于原始服务器的子域中.更多在 这篇文章，带有示例.

Use the document.domain trick. Basically you need to create a set of iframes, one for each server you need to make Ajax calls to. Within each iframe set the document.domain property to exactly match the domain you need to send the Ajax requests to. As to how to populate the necessary data, use DOM manipulation prior to setting document.domain. Note that this trick requires the target servers to be in sub-domains of the original. More in this article, with examples.

这篇关于Internet Explorer 中跨站点请求的访问控制的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！