问题
I've been researching this issue and I can't find an answer that satisfies me.
I'm very aware of the same origin policies as they apply to websites in a standard web browser. My question came up when I started developing a mobile app that uses the native webview and loading in site content with jQuery's .load method. Typically in a standard web browser I would get an XHR load error.
So, what are the rules regarding native apps and cross origin policies?
回答1:
Robot Woods is definitely on the right track. When dealing with a native application, you are in a sense making requests from file://, instead of from https://. Because you are not making a request across the HTTP protocol, the same rules do not apply. When making requests from your native mobile app, you should be to make requests to any domain without any problems.
You only need to add the domain to the whitelist in PhoneGap/Cordova if you will be having that entire page replace your normal content in the webview, which normally doesn't happen (you normally are just requesting data in chunks from your server, instead of doing a window.location change).
来源:https://stackoverflow.com/questions/11990907/same-origin-policy-on-mobile-apps