Article From:

What is cross domain?

To understand cross-domain, first of all, we need to talk about homologous strategies.

Homology policy is a well-known security policy proposed by Netscape, which is used by all browsers that support JavaScript.

The so-called homology refers to the same domain name, protocol and port. When a page executes a script, it checks whether the resources accessed are of the same origin. If they are not of the same origin, the browser will report an exception in the console to deny access when requesting data.

Homologous strategies are generally divided into the following two types:

  • DOMHomologous Policy: Operations on DOM of different source pages are prohibited. The main scenario here is the cross-domain situation of iframe, where different domain names restrict access to each other.

  • XmlHttpRequestHomologous Policy: It is prohibited to use XHR objects to initiate HTTP requests to server addresses of different sources.

So what is cross-domain?

Cross-domain refers to requesting resources from one domain name to another. That is cross domain request! Cross-domain, browsers can not execute scripts of other domain name websites, which is caused by the browser’s homology policy and is a security restriction imposed by browsers.

Strictly speaking, as long as the protocol, domain name and port are different, they are regarded as cross-domain.

Why cross-border?

In real work development, there are often cross-domain situations, because companies will have many projects, there will also be many sub-domain names, each project or website needs to call each other’s resources, can not avoid cross-domain requests.

Cross domain solution

    • Cross domain through jsonp

    • document.domain + iframeCross domain

    • location.hash + iframe

    • + iframeCross domain

    • postMessageCross domain

    • Cross-domain Resource Sharing (CORS)

    • nginxAgent cross domain

    • nodejsMiddleware proxy across domains

    • WebSocketProtocol cross domain

Leave a Reply

Your email address will not be published. Required fields are marked *