同源政策 [英] Same Origin Policy

问题描述

我在过去几个小时内已经阅读了一些关于相同原点政策的内容，我对这个想法有所了解，但我对我目前的设置有疑问。

我有一个页面，我们会打电话， foo.com/home 在该页面上是一个链接打开一个iframe，其网址为 foo.com/home/bar 。现在在 foo.com/home/bar 的框架内，如果我有一个超链接说 www.google.com 点击后我是否可以将iframe重定向到Google而不违反相同的原始政策？我至少不会看到这种伤害，因为这将是一个简单的重定向。

我问的原因是因为上述设置我无法将我的iframe重定向到 www.google.com 。事实上，如果这是针对相同的原产地政策可能有人将其分解并解释如何？我会理解，如果我使用iframe将数据提交到另一个域，但我只是想让我的iframe重定向到另一个域。

解决方案

虽然

或Google中的Google case。

可能的解决方案是使用本地代理，例如。

I have read a bit about same origin policy over the last few hours and I understand a little bit of the idea but I have a question about my current setup.

I have a page, we will call, foo.com/home and on that page is a link that opens up an iframe with a url of foo.com/home/bar. Now while in the frame of foo.com/home/bar if I were to have a hyperlink to say www.google.com when clicked can I have it redirect the iframe to Google without breaching the same origin policy? I wouldn't see the harm in that at the least because it would be a simple redirection.

The reason I ask is because with the above set up I am unable to redirect my iframe to www.google.com. If this is, in fact, against the same origin policy could someone break it down and explain how? I would understand if I was using the iframe to submit data to another domain but I am simply just trying to get my iframe to redirect to another domain.

解决方案

While

Or Google in your case.

Possible solution will be using a local proxy like http://developer.yahoo.com/javascript/howto-proxy.html

This might help https://developer.mozilla.org/en-US/docs/Web/JavaScript/Same_origin_policy_for_JavaScript.

这篇关于同源政策的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！