问题
I've got some intranet scripting I am trying to go cross domain with. I'm using jQuery 1.7 and trying to weigh my options. There are 3 options I know of.
- JSONP
- Setting Access-Control-Allow-Origin on the webserver header
- Writing a proxy page
With JSONP I am limited to GET requests. I have some large data that I would like to post and it isn't feasible with URL length limits.
Setting Access-Control-Allow-Origin on the server helps for any preflight requests jQuery might do before executing. But I'm at the mercy of browser constraints such as Chrome and IE6. I'm on Chrome 15 and going from localhost to any other domain immediately throws up. I've read the IE7+ native XmlHttpReq charts and I thought this would be a good solution as I'm going from intranet to intranet only but I guess not for even the latest chrome.
Writing a proxy page will work but I think it might be too much up front work. I'm bouncing in between .NET WCF web services and have enough to worry about with wrapping SOAP requests and setting content types.
So what are your thoughts? Are there considerations I am missing to have this work in Chrome? I can ignore anything less than IE7. Or should I just go with the page proxy method?
回答1:
In the order that I would use them:
PROXY
To be absolutely sure that you get what you want, go with proxy. For small scale stuff you can literally do a one-liner in .htaccess on rewrite all URLs (provided you are using Apache) to the external host. Works just fine, debugging might be a bit difficult though, so you better be ready to read the log files on the target server, since in case of error (like 500 or similar) you get a proxy error (usually 502) instead in the browser. The only negative side is that it needs a decent server, if the load gets too big, but simply switching Apache to Ngnix will give you a great boost, so don't be afraid to use it.
Access-Control-Allow-Origin
A great thing, but not supported < IE8, Opera (working on it though) and some other older browsers. If certain browser support is not needed, go for this. A fun article on using CORS
JSONP
If you can't afford the extra server load generated by proxying, you can maybe work around the POST limit by breaking requests up into parts and send them separately, but much more of a hassle than simply proxying. Other than that, works pretty well.
回答2:
There is at least one other option - eaxyXDM. It is a framework specifically designed to accomplish cross-domain javascript communication.
来源:https://stackoverflow.com/questions/8244744/weighing-cross-domain-javascript-options