在IFRAME内部的AJAX不能在同一服务器上工作 [英] AJAX inside IFRAME not working against same server

问题描述

我使用的网站 abc.com ，代表 iframe code> 123.com 。

iframe 中的页面正在对其他页面执行AJAX请求 123.com ，但我们发现请求已取消。

I'm using a website, abc.com, that is hosting an iframe of a page on 123.com.
The page inside the iframe is doing an AJAX request to another page on 123.com, but we're seeing that the request is getting cancelled.

除非我错了 - 并且我没有在互联网上找到任何关于此的官方资讯 - 电话应该工作得很好不是跨网域请求。

Unless I'm wrong — and I haven't found any official information on the internet about this — the call should work fine as it is not a cross-domain request.

父框架位于不同网域的事实确实阻碍了 iframe 向其自己的服务器？

Would the fact that the parent frame is on a different domain really hinder the iframe from doing AJAX requests to its own server?

推荐答案

IFRAME应该能够向自己的源站点（同一源URL）发出ajax请求。但是，请确保REQUEST事件是来自IFRAME的FIRED，而不是父级。

The IFRAME should be able to make an ajax request to its own originating site (same source URL). However, make sure the REQUEST event is FIRED from the IFRAME, not the parent.

我的第一个猜测是你正在加载IFRAME，然后通过父（JS）解决它（触发事件），让它做/ get /它触发ajax调用。总之，这是IFRAME域对同一域请求被取消的最可能的原因，因为它仍被浏览器识别为源自目标域代码之外。

My first guess would be you are loading the IFRAME and then addressing it (firing an event) via the parent (JS) to get it to do/get/set something which triggers an ajax call. In short, this is the mostly likely reason the IFRAME domain to same domain request is getting cancelled as it is still recognized by the browser as originating from outside the target domain code.

REQUEST事件需要有机地 从用户中单击IFRAME中的某些内容或触发事件。

The REQUEST event needs to be organically generated from the user clicking on something in the IFRAME or from code in the IFRAME itself firing the event.

换句话说：只是因为IFRAME可能有一些能力在其JS /代码中自身触发事件/ ajax通常仍然不允许通过JS /代码直接使用ajax / JS的父引用。 IFRAME必须已经根据其负载参数（可能是URL值）进行编码，或者用户必须物理地点击/对某事进行操作才能在该域上创建用户生成的事件。

In other words: just because the IFRAME may have some ability to fire events/ajax in its JS/code to/from itself, it would normally still not be allowed to have the parent reference that ajax/JS directly via JS/code. The IFRAME has to already be coded to do it based on its load parameters (URL values, perhaps) or the user has to physically click/take action on something to create a user generated event on that domain.

当然，这可能会因为浏览器和版本的不同而有所不同，你可能会在父级和iframe之间的交互性方面有所不同。但是一个严格的，最新的浏览器将试图通过js保持你在iFrame上的虚假不安全的交互。

Of course, this is going to vary a bit by browser and version on what you might be able coax in terms interactivity between the parent and iframe. But a strict, up-to-date browser will try to keep you from faking insecure interaction on the iFrame via js.

要获得更好的答案，您需要提供更多关于您正在/正在做什么的详细信息。

To get a better answer, you would need to provide more detail on exactly what you are doing/getting.

这篇关于在IFRAME内部的AJAX不能在同一服务器上工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！