问题
Ok, here's the problem:
The remote site needs to pull complex html page content from other domain. Iframe solution is not good enough because of the problem with determining the page height, and cross domain ajax is not allowed on IE browsers. There is JSONP but amount of code that needs to be served is too complex and we also need to serve some funcionalities.
The solution:
On server side we are dinamically generating javascript that contains all the complex html content in a string variable. On remote side we just include call to this script and we put a on the page. Div is then filled with content from served variable. It works cross domain on ALL browsers and the content displays perfectly :)).
The question:
What's wrong with this approach? Why there is no mention of such solution anywhere online? It seems perfect for serving any kind of widgets and alike content, and now I'm affraid there is some big fallacy in it:)?
Please debunk it :)
回答1:
There is no problem with this approach. Cross domain is forbidden on client side for security matters, but on server side you do as you wish.
The difference here is that you have to reload a page in order for it to query the other domain and then push it to your page. So basically you could do the following :
1- Your javascript does an ajax request to it's own domain. 2- On the server side, you make a cross domain request 3- You print some js/html to be used by the requester
In that scenario, you have one more request than doing it directly on the client side.
回答2:
As Pointy commented, this is essentially the same as JSONP. Keep in mind that most browsers block sending cookies to the 3rd party site though.
回答3:
Cross domain is possible as long as the server sends an access-control-allow-origin response header. See the linked article for an example
http://www.leggetter.co.uk/2010/03/12/making-cross-domain-javascript-requests-using-xmlhttprequest-or-xdomainrequest.html
来源:https://stackoverflow.com/questions/8523858/cross-domain-content-loading-with-javascript