[英]Possible to intercept XMLHttpRequests coming from inside iframe (same domain)?
I have a page that's loaded using https, and it embeds an iframe on the same domain, also loaded via https. 我有一个使用https加载的页面,它在同一域中嵌入了iframe,也通过https加载了。
Inside the iframe, there are some XHR requests to an insecure http URL (the URL is actually to an IP address on the local network) that are being blocked. 在iframe中,对不安全的http URL(该URL实际上是本地网络上的IP地址)有一些XHR请求被阻止。
Is there any way I can allow the requests to the local IP address? 有什么办法可以允许请求到本地IP地址? I only have access to edit the code in the parent frame. 我只能在父框架中编辑代码。 I can use php or javascript in the parent frame. 我可以在父框架中使用php或javascript。
Unless you recompile your browser, CORS explicitly prohibits this and no browser would allow it, unless the local IP machine returns valid CORS headers. 除非您重新编译浏览器,否则CORS明确禁止这样做,并且除非本地IP机器返回有效的CORS标头,否则浏览器将不允许这样做。
See here for CORS headers info: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#Simple_requests 请参阅此处以获取CORS标头信息: https : //developer.mozilla.org/zh-CN/docs/Web/HTTP/CORS#Simple_requests
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.