如何通过在IIS中代理来防止跨域问题？ [英] How to prevent cross domain issues by proxying in IIS?

问题描述

我有一个用Delphi编写的网站，需要从.NET网络服务获取数据。为了消费Web服务我附加到一个.NET网站首先包含一个向导，最终用户必须填写，然后反过来又调用Web服务，以填充AJAX下拉列表和返回数据到调用的Delphi Web应用程序。

I have a site written in Delphi that needs to get data from a .NET web service. In order to consume the web service I am attaching to a .NET web site first that contains a wizard that the end user has to fill out, which in turn is then calling the web service in order to populate AJAX drop-down lists and to return data to the calling Delphi web application.

因此，要清楚...

1. Delphi网站打开.NET网站


2. .NET网站填充来自.NET网络服务的AJAX下拉列表


3. 点击提交.NET Web向导，它调用.NET Web服务获取数据并返回Delphi网站

但是调用。 NET网络服务填充下拉菜单导致IE6（实际上所有浏览器）将此视为跨域安全威胁，我得到此页面正在访问不受其控制的信息，这带来了安全风险... 错误。

However calling the .NET web service to populate the drop downs causes IE6 (and indeed all browsers) to treat this as a cross domain security threat and I get the "This page is accessing information that is not under its control. This poses a security risk ..." error.

下拉列表的代码如下（如果这有帮助）...

The code for the drop downs is as follows (in case this helps) ...

在.apsx文件中

<asp:DropDownList ID="DocCategoryDropDown" 
              runat="server" 
              OnSelectedIndexChanged="DocCategoryDropDown_SelectedIndexChanged"
              AutoPostBack="true">
</asp:DropDownList>
<ajaxToolkit:CascadingDropDown ID="DocCategoryCascadingDropDown" 
                           runat="server" 
                           TargetControlID="DocCategoryDropDown"
                           LoadingText="[Loading...]" 
                           Category="CategoryId" 
                           UseContextKey="True" 
                           ContextKey="NY"
                           PromptText="Select a Category" 
                           ServiceMethod="GetDocCategory" 
                           ServicePath="tba">
</ajaxToolkit:CascadingDropDown>

DocCategoryCascadingDropDown.ServicePath = path;

如果路径与网站位于同一个服务器上，则工作正常，但如果路径不正确警告，因此它必须是跨域安全问题。

If path is on the same server as the web site it works fine but if path is not I get the warning, therefore it must be a cross domain security issue.

之前我曾经遇到过类似的Java Web服务问题，我通过在Apache上使用代理为了使承载向导的Web站点和Web服务显示为存在于同一域上，因此可以阻止错误。

I've had similar issues with Java web services before and I got around this by using proxying on Apache in order to make the web site that hosts the wizard and the web service appear to exist on the same domain, and therefore stop the errors.

任何人都可以告诉我如何在IIS中做同样的事情吗？

Can anyone tell me how I can do this same thing in IIS, please?

如果有更多的信息，我可以提供，请让我知道，因为我真的想得到这个问题解决

If there is any more information I can supply, please let me know as I'd really like to get this issue resolved as soon as I can.

提前感谢。

推荐答案

好吧，经过多次谷歌搜索（和咬牙），我发现这个网站，很好地解释了解决方案。

OK, after much googling (and gnashing of teeth) I found this website that does a good job of explaining the solution.

http://dotnetslackers.com/columns/ajax/MashitUpwithASPNETAJAX.aspx

只要说明如何询问 正确 问题的重要性：）

Just goes to show how important it is to know how to ask the right question :)

这篇关于如何通过在IIS中代理来防止跨域问题？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！