[英]Relaxing same-origin policy
According to this Wikipedia article , there are three methods of relaxing the SOP. 根据这篇Wikipedia文章 ,有三种放松SOP的方法。 However, the article doesn't discuss the advantages nor drawbacks of any of them. 但是,本文没有讨论其中任何一个的优点或缺点。
I wonder which one to pick. 我不知道该选哪个。 Sre all of them implemented today? 今天都实施了吗? Are they supported? 他们支持吗? When to pick which? 什么时候选哪个? What to look up for when using them? 使用它们时要查找什么? Etc. 等等。
document.domain
property directly ( browser does that for you ) or am I missing something? 您无法直接设置document.domain
属性(浏览器会为您设置),或者我缺少什么? This would be a serious security issue. 这将是一个严重的安全问题。 Thus this is not really an option for cross-origin scripting. 因此,这实际上不是跨域脚本编写的选项。 All of them are implemented in all major browsers. 所有这些都在所有主要的浏览器中实现。 All are supported. 全部都支持。 Which one to pick? 选哪一个? If you have access to the server side, then CORS is my prefered way to go. 如果您有权访问服务器端,那么CORS是我首选的方式。 At the end of the day it depends on exactly what you want to do. 归根结底,这取决于您要做什么。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.