jQuery的Ajax和SSL？ [英] jQuery ajax and SSL?

问题描述

在我们网站上的某些页面使用SSL，大多数页面却没有（因为他们需要通过网络机器人被抓取）。

In our site certain pages use SSL, most pages however don't (as they need to be crawled by web bots).

这pretty的多归结到用户登录任何网页，也有少数例外是SSL下，

It pretty much boils down to any page where the user is logged in, with a few exceptions is under SSL,

但首先有从非HTTPS网页登录用户（登录表单是滴从屏幕顶部的任何网页上的表单）。

But the user first has to login from a non https page (The login form is a form that drops from the top of the screen on any page).

因此​​，

我如何可以强制要求在AJAX使用SSL？

How can I force the requests over ajax to use SSL?

这甚至安全吗？

推荐答案

这违反了JavaScript的同源策略，因为它没有看到HTTPS URL来自同一来源的HTTP URL之中。您可以通过使用JSONP或设置访问控制 - 允许 - 原产地头从Web服务的响应解决这个问题。许多Web服务将被设置为已经做到这一点。

It violates JavaScript's same-origin policy, because it doesn't see the HTTPS URL as being from the same source as the HTTP URL. You can get around this by using JSONP or setting a Access-Control-Allow-Origin header in the response from the web service. Many web services will be setup to do this already.

这篇关于jQuery的Ajax和SSL？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！