This time I will bring you a detailed explanation of ajax and jsonp cross-domain (with code), what are the precautions for implementing ajax and jsonp cross-domain, the following is a practical case, let's take a look.
Why are there cross-domain problems? - Because there is a same-origin policy
The same-origin policy is a security policy of the browser. The so-called same-origin refers to the protocol in the request URL address, the domain name and the port are the same, as long as One of the differences is cross-domain
The same origin policy is mainly to ensure the security of the browser
Under the same origin policy, the browser does not allow Ajax to obtain server data across domains
http://www.example.com/detail.html
Cross-domain request:
http://api. example.com/detail.html The domain name is different
http://www.example.com:8080/detail.html The port is different
http://api.example.com:8080/detail.html The domain name and port are different
https://api.example.com/detail.html The protocol and domain name are different
https://www.example.com:8080/detail.html The ports and protocols are different
ajaxBasic concepts
To understand this concept, you must first know synchronous interaction and asynchronous interaction
Synchronous interaction: client browsing The server sends a request to the server, and the server returns a page. The returned page will overwrite the previous page. We call this interaction method synchronous interaction
Asynchronous interaction: it can The browser will send a request to the server, and the server will return the data. The returned data will not overwrite the previous page. We call this interaction method asynchronous interaction
ajax Main application scenarios: Dynamic data interaction with the server can be performed without refreshing the page
Principle of interaction
Synchronous interaction principle: How do we send a request to the server in the browser? You can click a hyperlink, submit a form, and enter an address in the browser address bar, all of which are sending requests to the server. In fact, the browser helps us send requests to the server
The principle of asynchronous interaction : JavaScript provides us with a new API interface to help us send http requests. The XMLHttpRequest object helps us send requests.
All our interactive operations can be done through this object. Complete, send the request, and accept the data from the server
Specific application scenarios of ajax
The front desk can send it to the server through XMLHttpRequest Send a request, then accept the data returned by the server through the XMLHttpRequest object, and finally write the data to the page through dom operations
ajax: can be used for form input specification verification
ajax: It can also be used for performance optimization. For example, if a page is very large and it is impossible to load it in one go, a rolling load can be achieved
Four steps of XMLHttpRequest interaction
1. Instantiate the XMLHttpRequest object
2. If you want to interact with the server, you must interact with The server opens a connection
3. Send data to the server and parameter data to the server
4. Accept the data returned by the server. The server will return some status when returning to the client. You can pass Monitor server status changes to better control the entire interaction process
ajax cross-domain
Cross-domain: Suppose I visit a site, The background returns me a page, and then I want to access the resources of site B on this page of site A. This is a cross-domain effect. Cross-domain browsers have security restrictions
Solution·Cross-domain method: jsonp method
The full name of JSONP is JSON with Padding, which is based on the JSON format and is generated to solve cross-domain request resources. s solution. The basic principle of its implementation is to use the <script></script> element tag in HTML to remotely call the JSON file to achieve data transfer. If you want to get the JSON data (getUsers.JSON) that exists in b.com under the a.com domain:
The essential principle of jsonp solving cross-domain issues: Because browsers have same origin restrictions, different sites cannot communicate with each other. Access, but sometimes we just want to get data from other sites, such as adding Weather Forecast data where we want to get quick data. This must be cross-domain, so what should we do?
Principle: It is to dynamically create the