同源政策 [英] Same Origin Policy
问题描述
我在过去几个小时内已经阅读了一些关于相同原点政策的内容,我对这个想法有所了解,但我对我目前的设置有疑问。
我有一个页面,我们会打电话, foo.com/home
在该页面上是一个链接打开一个iframe,其网址为 foo.com/home/bar
。现在在 foo.com/home/bar
的框架内,如果我有一个超链接说 www.google.com
点击后我是否可以将iframe重定向到Google而不违反相同的原始政策?我至少不会看到这种伤害,因为这将是一个简单的重定向。
我问的原因是因为上述设置我无法将我的iframe重定向到 www.google.com
。事实上,如果这是针对相同的原产地政策可能有人将其分解并解释如何?我会理解,如果我使用iframe将数据提交到另一个域,但我只是想让我的iframe重定向到另一个域。
虽然
或Google中的Google case。
可能的解决方案是使用本地代理,例如。
I have read a bit about same origin policy over the last few hours and I understand a little bit of the idea but I have a question about my current setup.
I have a page, we will call, foo.com/home
and on that page is a link that opens up an iframe with a url of foo.com/home/bar
. Now while in the frame of foo.com/home/bar
if I were to have a hyperlink to say www.google.com
when clicked can I have it redirect the iframe to Google without breaching the same origin policy? I wouldn't see the harm in that at the least because it would be a simple redirection.
The reason I ask is because with the above set up I am unable to redirect my iframe to www.google.com
. If this is, in fact, against the same origin policy could someone break it down and explain how? I would understand if I was using the iframe to submit data to another domain but I am simply just trying to get my iframe to redirect to another domain.
While
Or Google in your case.
Possible solution will be using a local proxy like http://developer.yahoo.com/javascript/howto-proxy.html
This might help https://developer.mozilla.org/en-US/docs/Web/JavaScript/Same_origin_policy_for_JavaScript.
这篇关于同源政策的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!