<legend id='hbrIh'><style id='hbrIh'><dir id='hbrIh'><q id='hbrIh'></q></dir></style></legend>
      <bdo id='hbrIh'></bdo><ul id='hbrIh'></ul>
    <i id='hbrIh'><tr id='hbrIh'><dt id='hbrIh'><q id='hbrIh'><span id='hbrIh'><b id='hbrIh'><form id='hbrIh'><ins id='hbrIh'></ins><ul id='hbrIh'></ul><sub id='hbrIh'></sub></form><legend id='hbrIh'></legend><bdo id='hbrIh'><pre id='hbrIh'><center id='hbrIh'></center></pre></bdo></b><th id='hbrIh'></th></span></q></dt></tr></i><div id='hbrIh'><tfoot id='hbrIh'></tfoot><dl id='hbrIh'><fieldset id='hbrIh'></fieldset></dl></div>

    <tfoot id='hbrIh'></tfoot>

      <small id='hbrIh'></small><noframes id='hbrIh'>
      8. 

      

      




      


      


      

      

      如何使用 JSONP 克服 XSS 问题?
      
时间:2023-10-14

            <tbody id='AEILT'></tbody>
              <bdo id='AEILT'></bdo><ul id='AEILT'></ul>
              • <tfoot id='AEILT'></tfoot>
            • <legend id='AEILT'><style id='AEILT'><dir id='AEILT'><q id='AEILT'></q></dir></style></legend>
              <small id='AEILT'></small><noframes id='AEILT'>
              • <i id='AEILT'><tr id='AEILT'><dt id='AEILT'><q id='AEILT'><span id='AEILT'><b id='AEILT'><form id='AEILT'><ins id='AEILT'></ins><ul id='AEILT'></ul><sub id='AEILT'></sub></form><legend id='AEILT'></legend><bdo id='AEILT'><pre id='AEILT'><center id='AEILT'></center></pre></bdo></b><th id='AEILT'></th></span></q></dt></tr></i><div id='AEILT'><tfoot id='AEILT'></tfoot><dl id='AEILT'><fieldset id='AEILT'></fieldset></dl></div>
                
                            本文介绍了如何使用 JSONP 克服 XSS 问题?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
                        
                
                        
                问题描述
                
                        
                
                            
                        
                
                        
                我在码头服务器上执行了一段 javascript,该服务器正在向另一台服务器(wamp 服务器)上的 scoket 发送 XMLHTTPRequest.请求被发送到套接字,但是 XHR 响应似乎被阻塞了.
                

                I have a piece of javascript executing on a jetty server which is sending a XMLHTTPRequest to a scoket on another server(wamp server). The request gets sent to the socket, however the XHR response seems to be getting blocked.
                

                我听说我可以使用 JSONP 来解决这个问题.但是,由于我对 javascript 都很陌生,而且我从未使用过 JSONP 技术,在此之前我非常感谢有关如何使用这种技术的任何帮助?
                

                I have heard that I can use JSONP to overcome this problem.
However as I am new to both javascript and I have never used JSONP technique before I would greatly appreciate any help in how to use this technique?
                

                function sendPost(url, postdata, callback) {

xmlHttp=GetXmlHttpObject()

if (xmlHttp==null) {
    alert ("Browser does not support HTTP Request")
    return
} 

xmlHttp.onreadystatechange=callback
xmlHttp.open("POST",url,true)
xmlHttp.send(postdata);

}

function sendInitRQ(width, height) {

var post = "<?xml version="1.0" encoding="UTF-8"?><command     type="init"><width>" + width + "</width><height>" + height + "</height></command>";

sendPost("http://localhost:80/socket.php", post, initReturned);

}

                

                我知道 php 套接字正在接收帖子,因为当我检查服务器日志时,我在 get 请求中得到 200.
                

                I know that the php socket is recieving the post as when i check the server log i get a 200 on the get request.
                

                我只想知道如何使用 JSONP 方法?我已经看到了这种方法的例子,但我仍然不确定如何去做.
                

                I just want to know how can I use the JSONP approach?
I have seen exampples of the approach but Iam stilll unsure of how to do it.
                

                推荐答案
                

                JSONP 技术使用完全不同的机制向服务器发出 HTTP 请求并根据响应进行操作.它需要客户端页面和服务器上的协作代码.服务器必须有一个 URL 来响应 HTTPGET"请求,其中包含一个包裹在函数调用中的 JSON 块.因此,您不能只对任何旧服务器进行 JSONP 事务;它必须是明确提供该功能的服务器.
                

                The JSONP technique uses a completely different mechanism for issuing HTTP requests to a server and acting on the response. It requires cooperating code in the client page and on the server. The server must have a URL that responds to HTTP "GET" requests with a block of JSON wrapped in a function call.  Thus, you can't just do JSONP transactions to any old server; it must be a server that explicitly provides the functionality.
                

                这个想法是您的客户端代码动态创建一个