Shulou(Shulou.com)06/01 Report--

This article mainly introduces the relevant knowledge of "Why javascript should be cross-domain". The editor shows you the operation process through an actual case. The operation method is simple, fast and practical. I hope this "Why javascript should cross-domain" article can help you solve the problem.

The reason why JavaScript is cross-domain is that the js of the current domain name can only read window attributes under the same domain because of the same origin policy of the browser, so cross-domain is generated. The homology strategy is that browsers prevent malicious websites from stealing data and prohibit JS from interacting with each other in order to ensure the security of user information.

The operating environment of this tutorial: windows10 system, javascript1.8.5 version, Dell G3 computer.

What are the reasons for the cross-domain of javascript

The cross-domain problem is restricted by the same origin policy of the browser. The js of the current domain name can only read the window attributes under the same domain.

Due to the same origin policy restriction of the browser. The same origin policy is a kind of convention, which is the core and basic security function of the browser. If the same origin policy is missing, the normal function of the browser may be affected. It can be said that Web is built on the basis of homologous strategy. Browsers are just an implementation of the same origin policy. The same origin policy prevents javascript scripts from one domain from interacting with the contents of another domain. Homology (that is, in the same domain) means that two pages have the same protocol (protocol), host (host) and port number (port).

To put it simply, the homologous strategy is that browsers prevent malicious websites from stealing data and prohibit JS from interacting with each other in order to ensure the security of user information. For browsers, as long as one of the domain names, protocols, and ports is different, the same origin policy will be triggered, thus restricting the following interaction behavior between them:

1.Cookie, LocalStorage, and IndexDB cannot be read

2.DOM is not available

The 3.AJAX request could not be sent.

A stricter definition of cross-domain is that as long as there is any difference in protocol, domain name, and port, it is considered cross-domain.

Cross-domain solution

JSONP: you need to add dataType: "jsonp" to the request method, / / set the data format to jsonp,jsonp: "callback", / / Jquery to generate the name of the verification parameter

1. DataType. This parameter must be set to jsonp.

2. Jsonp. The value of this parameter needs to be agreed with the server.

Nginx reverse proxy

Webpack configuration reverse proxy: directly use scaffolding devServer to configure reverse proxy to solve cross-domain problems in the development process.

Cross-domain resource sharing (CORS)

Nodejs cross-domain: use nodejs locally to set up a server through that server to call the background server to return data and then return it to the front-end server. There is no cross-domain between servers.

WebSocket protocol cross-domain

Through JSONP

Self-understanding: JSONP is to use the src attribute of the script tag to achieve cross-domain, can only use get request, the background will return to you a method, you use this method to get the data you want

Jsonp principle the front end defines the method through the src attribute to the back end, gets the method, passes in the data stitching method, and then passes it to the front end as a method to call.

JSONP is mainly an encapsulated request to add callback. This callback is agreed upon by the front and back end.

This is the end of the content about "Why javascript should be cross-domain". Thank you for reading. If you want to know more about the industry, you can follow the industry information channel. The editor will update different knowledge points for you every day.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.