jQuery的权限被拒绝 - 不同的域名 [英] Jquery permission denied - different domain name
问题描述
我已经开发了一组生活在一个asp.net MVC应用程序的API,但会从浏览器访问我们的主网站(其中居住在的LAMP堆栈)消耗掉。
I have developed a set of apis that live on an asp.net mvc application, but will be consumed from a browser accessing our main site (which lives on a LAMP stack).
该域名是这样的:
API的
http://apis.www.mainsite.org (最初,apis.mainsite.org,但我在试图解决这个问题)进行的修改
http://apis.www.mainsite.org (originally, apis.mainsite.org, but I made the modification in an attempt to fix the problem)
我做一个$。阿贾克斯()请求,从而将普通的HTML转储输入表单到一个div的API。
I make a $.ajax() request to the api which in turn sends plain html to dump an input form into a div.
该CONFIGRATION运行正常,当我从生活在我的网站的API样本主页上运行,但是当我把在同一页上的站点apis.www.mainsite.org外,我碰到一个Permission denied错误在IE浏览器上的第一个请求服务。
The configration runs fine when I run from a sample host page that lives on my apis site, but when I put the same page on a site outside of apis.www.mainsite.org, I get a "permission denied" error in IE on the first request to the service.
我好像过了几个资源说我必须为了得到这个正常工作,使跨域脚本中调用这种方式实施JSONP - 但我希望我可以启用该功能,同时还返回HTML而不是JSON的
I've seem a few resources that say I must implement JSONP in order to get this to work correctly and make the cross-domain script call that way - but I am hopeful that I can enable that functionality while still returning html instead of JSON.
任何建议将是极大的AP preciated。
Any suggestions would be greatly appreciated.
另外一个问题 - 任何想法,为什么从 http://mysite.org 一个XMLHTTP请求的 http://api.mysite.org 将被视为跨域?是否在域名的任何变化使它成为一个跨域调用?
One other question - any idea why an XMLhttp request from http://mysite.org to http://api.mysite.org would be considered cross domain? Does any change in the domain name make it a cross domain call?
这似乎是一个相当常见的场景到域从主要内容域API分离,我希望,我只是简单的东西。
It seems like a fairly common scenario to separate the domain for the api from the main content domain and I am hopeful that I am just missing something simple.
最好的问候,并感谢您的时间。
Best regards and thanks for your time.
哈尔
推荐答案
下面的信息可能使人们对一个脚本标签黑客技术,更多的光:
The following post might shed more light on a script tag hack technique:
<一个href=\"http://stackoverflow.com/questions/926137/why-dont-i-get-a-same-origin-policy-warning-when-using-the-google-maps-api\">http://stackoverflow.com/questions/926137/why-dont-i-get-a-same-origin-policy-warning-when-using-the-google-maps-api
总之,你不能使用XmlHtt prequest做跨域调用(这是jQuery和EXT-JS使用)。在&LT;脚本&GT;
标签是从这样的规则免疫。诀窍是放在一个URL带有参数的页面使用这些参数来制定,以在JavaScript code回调的调用返回JSON回来了。
In short, you cannot make cross-domain calls using XmlHttpRequest (which is what jquery and ext-js use). The <script>
tag is immune from such rules. The trick is to put in a URL with parameters whose page returns JSON back using those parameters to formulate a call to a callback in your JavaScript code.
编辑:为了回答您的其他问题,您的网址的域名部分必须完全匹配。请参阅跨域的例子下面的Wikipedia文章与同域调用:
To answer your other question, the domain portion of your URL must match exactly. See the following Wikipedia article for examples of cross-domain versus same-domain calls:
http://en.wikipedia.org/wiki/Same_origin_policy
这篇关于jQuery的权限被拒绝 - 不同的域名的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!