问题
IE sucks, at times. Until IE 10, IE did not provide support for the XMLHttpRequest Object. Rather, you must use the XActiveXObject Object for running AJAX calls. JQuery boots up this object by default and maintains it throughout a ternary function if it is present (which is all the time, essentially, should your browser be IE).
But, you can see the problem already. In order to use this ActiveX Object, you must fiddle with the security settings in IE in order to allow scriplets, unsigned ActiveX schtuff, and the like.
Is there any way to bypass these security settings (like installing a CAB file to sign the bloody thing) so that end users do not have to fiddle with their browser settings and everything will work out of the box?
回答1:
jQuery doesn't favor ActiveX over XMLHttpRequest in Internet Explorer like you suggest. Rather, it checks for its presence, and then proceeds to check if the file a is a local file. If either of these conditions aren't met, then a standard XHR request is made.
jQuery.ajaxSettings.xhr = window.ActiveXObject
// If ActiveXObject exists, and the file is not local, return Standard XHR
// If ActiveXObject exists, and the file is local, return ActiveXHR
? function() {
return !this.isLocal && createStandardXHR() || createActiveXHR(); }
// If ActiveXObject doesn't exist, use StandardXHR
: createStandardXHR;
This same thing could almost be written like this:
jQuery.ajaxSettings.xhr = (window.ActiveXObject && this.isLocal)
? createActiveXHR()
: createStandardXHR();
Hopefully that is easier to understand.
I should note that this has changed dramatically in jQuery 2.0:
jQuery.ajaxSettings.xhr = function() {
try {
return new XMLHttpRequest();
} catch( e ) {}
};
回答2:
So, here is what I did to rectify the situation. My original question was the following:
How do I make an Ajax call in IE and force it to bypass the ActiveX Security settings.
As we discussed in the above comments, in JQuery 1.8.2, the ActiveXObject is used for IE ONLY if the ajaxsettings.isLocal is true, which, in this case, it was. We don't support anything below IE8 which has a full implementation of XMLHttpRequest (which doesn't use ActiveX, of course) and thus I wanted to make sure that Ajax ALWAYS used XMLHttpRequest.
So, I made the following settings change at a global level:
$ajaxSetup({
isLocal: false
});
This caused IE to always consider the Ajax call to be cross domain, forcing JQuery to use the XMLHttpRequest Object, completely bypassing the need to recognize or even care about IE's ActiveX Security settings.
Case closed.
来源:https://stackoverflow.com/questions/16173464/ajax-calls-do-not-work-in-ie-unless-you-fiddle-with-security-settings