[英]Why does this JavaScript code only work when I run it on a HTTP server?
I am trying to build a Chrome Extension which uses the Google Calendar API.我正在尝试构建一个使用 Google Calendar API 的 Chrome 扩展程序。 I am trying to avoid having to setup a server just to make API calls to Google Calendar.
我试图避免仅仅为了对 Google 日历进行 API 调用而设置服务器。 I tried following the example here:
我尝试按照此处的示例进行操作:
https://developers.google.com/google-apps/calendar/quickstart/js#step_2_set_up_the_sample https://developers.google.com/google-apps/calendar/quickstart/js#step_2_set_up_the_sample
But that code requires me to have a HTTP Server running.但是该代码要求我运行 HTTP 服务器。 Why does that code only work when I run it on an HTTP Server?
为什么该代码仅在我在 HTTP 服务器上运行时才有效? From what I can see, its only JavaScript and HTML, which should work when I run it locally on my browser (using the file:// protocol).
据我所知,它只有 JavaScript 和 HTML,当我在浏览器上本地运行它时应该可以工作(使用 file:// 协议)。 I also don't see any CORS issues either.
我也没有看到任何 CORS 问题。
I could probably just setup a Heroku server, but I'm trying to understand why this seemingly client side code requires a server to run!我可能只是设置了一个 Heroku 服务器,但我试图理解为什么这个看似客户端的代码需要一个服务器来运行!
Some browsers prevent Javascript in web pages loaded from a file://
URL from doing some things for security reasons, such as making ajax calls.出于安全原因,某些浏览器会阻止从
file://
URL 加载的网页中的 Javascript 执行某些操作,例如进行 ajax 调用。
So, since this code is ultimately making some Ajax calls out to a calendar server, the code probably wants to make sure your web page is not restricted by these security limitations so it is suggesting a way that the web page can be loaded from a local web server, rather than the file system and thus it won't have any restrictions applied to pages loaded with file://
URLs.因此,由于此代码最终会向日历服务器发出一些 Ajax 调用,因此该代码可能希望确保您的网页不受这些安全限制的限制,因此它提出了一种可以从本地加载网页的方法web 服务器,而不是文件系统,因此它不会对加载有
file://
URL 的页面施加任何限制。
It's worth mentioning that the security restrictions applied to file://
URLs are browser-specific (each browser makes it's own choices as to what to restrict).值得一提的是,应用于
file://
URL 的安全限制是特定于浏览器的(每个浏览器都有自己的选择来限制什么)。 Chrome seems to be fairly restrictive in this regard (though I think there is a command line argument that can relax some of these restrictions). Chrome 在这方面似乎相当严格(尽管我认为有一个命令行参数可以放宽其中一些限制)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.