开发者

Do subdomains have a part in cross-browser restrictions when calling webservices from Javascript?

开发者 https://www.devze.com 2023-01-02 10:30 出处:网络
The scenario is this: My html page is on http://www.mydomain.com/somepage.html Using jQuery, I call a webservice on: http://subdomain.mydomain.com/webservice.asmx/somemethod

The scenario is this:

  • My html page is on http://www.mydomain.com/somepage.html
  • Using jQuery, I call a webservice on: http://subdomain.mydomain.com/webservice.asmx/somemethod

At the moment this 开发者_如何学Gois not working. I suspect that the subdomain is breaking a x-browser restriction. Any ideas?

It is working locally when the html page and the webservice are running off my localhost.

Cheers.


In the same origin policy, the host must match exactly (so must the protocol and port, but that's an aside). If a matching suffix could suffice, foo.com would be deemed the "same origin" as bar.com, or fie.co.uk the same as flap.co.uk, etc, completely destroying the purpose of the policy.

I realize you think of www.blah.com as "more related" to whatever.blah.com than the examples I gave, but that's simply not the case - think of all the myriads of something.appspot.com domains running Google App Engine apps from myriads of different authors with absolutely no relationship among them, for example.


Can you do a JSONP service, or use .NET as a proxy?

Otherwise you are not conforming to same origin policy.

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号