[英]Communicating from https website to http server on localhost, cross-domain
So I have a GWT webapp that needs to communicate with a desktop application. 所以我有一个需要与桌面应用程序通信的GWT webapp。 To accomplish this, the desktop program starts up a webserver at a given port (say,
http://localhost:9000
). 为此,桌面程序在给定端口启动Web服务器(例如,
http://localhost:9000
)。
I have implemented JSON-P communication to get around the Cross-Domain filters, which works fine when testing locally (webapp runs at http://localhost:8888
). 我已经实现了JSON-P通信来绕过跨域过滤器,这在本地测试时工作正常(webapp运行在
http://localhost:8888
)。 The problem is, the production website is served over https, and no browser will allow you to request javascript over http from https. 问题是,生产网站是通过https提供的,没有浏览器允许您通过https从http请求javascript。
So I've tried a few things. 所以我尝试了一些东西。
I have set the "Access-Control-Origin: *" header using Java's HttpServletResponse.addHeader("Access-Control-Allow-Origin", "*")
on both the server that serves the GWT javascript and the server that the javascript is trying to make requests to, and making HTTP requests, but that gets blocked by same origin filters (presumable because I'm trying to make request from https to http.) 我在服务于GWT javascript的服务器和javascript所在的服务器上使用Java的
HttpServletResponse.addHeader("Access-Control-Allow-Origin", "*")
设置了“Access-Control-Origin:*”标头。尝试向HTTP请求发出请求,但是这些请求被相同的原始过滤器阻止(因为我正在尝试从https向http发出请求)。
I have tried to use the Json-P communication from a new Window (created by calling $wnd.open) without a URL hoping that it would load over http, but it is loaded over https, so I ran into the same problem as before. 我试图从一个新窗口(通过调用$ wnd.open创建)中使用Json-P通信而没有URL希望它会加载http,但它是通过https加载的,所以我遇到了和以前一样的问题。
Is there any way to make a cross domain request from javascript served over https to http? 有没有办法从通过https到http的javascript提出跨域请求? There isn't any feasible way to run https on the localhost (self-signed cert gets blocked when making JSON-P requests.)
没有任何可行的方法在localhost上运行https(在签署JSON-P请求时,自签名证书被阻止。)
Assuming that the computer you are deploying to has internet access, the best solution to this problem is to register a subdomain on your main site where the webapp is hosted (for example, localhost.example.com) and setup the DNS entries to point to 127.0.0.1 . 假设您部署的计算机具有Internet访问权限,此问题的最佳解决方案是在托管webapp的主站点上注册子域(例如,localhost.example.com)并设置DNS条目以指向127.0.0.1。 You can then get a signed https certificate for localhost.example.com and distribute that certificate with your application.
然后,您可以获取localhost.example.com的已签名https证书,并将该证书与您的应用程序一起分发。
Words of warning: 警告语:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.