AJAX(XMLHttpRequest)進行跨域請求方法詳解(三)
3,帶驗證資訊的請求
身份驗證是Web開發中經常遇到的問題,在跨域請求中,預設情況下是不傳送驗證資訊的。要想傳送驗證資訊,需要進行withCredentials 屬性,下面就是一個簡單請求的例子:
br> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
孟憲會之AJAX跨域請求測試
// var xhr = new XMLHttpRequest();
var url = 'http://dotnet.aspx.cc/RequestsWithCredentials.aspx';
function crossDomainRequest() {
document.getElementById("content").innerHTML = "開始進行請求……";
if (xhr) {
xhr.open('GET', url, true);
xhr.onreadystatechange = handler;
xhr.withCredentials = "true";
xhr.send();
} else {
document.getElementById("content").innerHTML = "不能建立 XMLHttpRequest。";
}
}
function handler(evtXHR) {
if (xhr.readyState == 4) {
if (xhr.status == 200) {
var response = xhr.responseText;
document.getElementById("content").innerHTML = "結果:" + response;
} else {
document.getElementById("content").innerHTML += "
執行狀態 status:" + xhr.status;
}
}
else {
document.getElementById("content").innerHTML += "
執行狀態 readyState:" + xhr.readyState;
}
}
//]]>
點選“開始測試”,我們可以檢測到下面的請求執行過程:
GET /RequestsWithCredentials.aspx HTTP/1.1
Host: dotnet.aspx.cc
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; zh-CN; rv:1.9.1.7) Gecko/20091221 Firefox/3.5.7 (.NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: GB2312,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://www.meng_xian_hui.com:801/CrossDomainAjax/RequestsWithCredentials.html
Origin: http://www.meng_xian_hui.com:801
HTTP/1.x 200 OK
Date: Sun, 10 Jan 2010 14:12:26 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Access-Control-Allow-Origin: http://www.meng_xian_hui.com:801
Access-Control-Allow-Credentials: true
Set-Cookie: ASP.NET_SessionId=fn2zf0zq1cuwgf45fm5fw145; path=/; HttpOnly
Set-Cookie: visit=1; expires=Sun, 10-Jan-2010 14:12:56 GMT; path=/
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 1
從上面的響應中可以看出,Cookie 是會隨請求一起傳送的。如果我們多次點選測試按鈕,則可以看到請求和響應的結果是這樣的:
GET /RequestsWithCredentials.aspx HTTP/1.1
Host: dotnet.aspx.cc
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; zh-CN; rv:1.9.1.7) Gecko/20091221 Firefox/3.5.7 (.NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: GB2312,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://www.meng_xian_hui.com:801/CrossDomainAjax/RequestsWithCredentials.html
Origin: http://www.meng_xian_hui.com:801
Cookie: ASP.NET_SessionId=fn2zf0zq1cuwgf45fm5fw145; visit=2
HTTP/1.x 200 OK
Date: Sun, 10 Jan 2010 14:13:58 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Access-Control-Allow-Origin: http://www.meng_xian_hui.com:801
Access-Control-Allow-Credentials: true
Set-Cookie: visit=3; expires=Sun, 10-Jan-2010 14:14:28 GMT; path=/
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 1
注意 Cookie: ASP.NET_SessionId=fn2zf0zq1cuwgf45fm5fw145; visit=2 這一行,訪問計數器已經被一起傳送到伺服器。
身份驗證是Web開發中經常遇到的問題,在跨域請求中,預設情況下是不傳送驗證資訊的。要想傳送驗證資訊,需要進行withCredentials 屬性,下面就是一個簡單請求的例子:
br> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
// var xhr = new XMLHttpRequest();
var url = 'http://dotnet.aspx.cc/RequestsWithCredentials.aspx';
function crossDomainRequest() {
document.getElementById("content").innerHTML = "開始進行請求……";
if (xhr) {
xhr.open('GET', url, true);
xhr.onreadystatechange = handler;
xhr.withCredentials = "true";
xhr.send();
} else {
document.getElementById("content").innerHTML = "不能建立 XMLHttpRequest。";
}
}
function handler(evtXHR) {
if (xhr.readyState == 4) {
if (xhr.status == 200) {
var response = xhr.responseText;
document.getElementById("content").innerHTML = "結果:" + response;
} else {
document.getElementById("content").innerHTML += "
執行狀態 status:" + xhr.status;
}
}
else {
document.getElementById("content").innerHTML += "
執行狀態 readyState:" + xhr.readyState;
}
}
//]]>
點選“開始測試”,我們可以檢測到下面的請求執行過程:
GET /RequestsWithCredentials.aspx HTTP/1.1
Host: dotnet.aspx.cc
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; zh-CN; rv:1.9.1.7) Gecko/20091221 Firefox/3.5.7 (.NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: GB2312,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://www.meng_xian_hui.com:801/CrossDomainAjax/RequestsWithCredentials.html
Origin: http://www.meng_xian_hui.com:801
HTTP/1.x 200 OK
Date: Sun, 10 Jan 2010 14:12:26 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Access-Control-Allow-Origin: http://www.meng_xian_hui.com:801
Access-Control-Allow-Credentials: true
Set-Cookie: ASP.NET_SessionId=fn2zf0zq1cuwgf45fm5fw145; path=/; HttpOnly
Set-Cookie: visit=1; expires=Sun, 10-Jan-2010 14:12:56 GMT; path=/
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 1
從上面的響應中可以看出,Cookie 是會隨請求一起傳送的。如果我們多次點選測試按鈕,則可以看到請求和響應的結果是這樣的:
GET /RequestsWithCredentials.aspx HTTP/1.1
Host: dotnet.aspx.cc
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.2; zh-CN; rv:1.9.1.7) Gecko/20091221 Firefox/3.5.7 (.NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: GB2312,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://www.meng_xian_hui.com:801/CrossDomainAjax/RequestsWithCredentials.html
Origin: http://www.meng_xian_hui.com:801
Cookie: ASP.NET_SessionId=fn2zf0zq1cuwgf45fm5fw145; visit=2
HTTP/1.x 200 OK
Date: Sun, 10 Jan 2010 14:13:58 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Access-Control-Allow-Origin: http://www.meng_xian_hui.com:801
Access-Control-Allow-Credentials: true
Set-Cookie: visit=3; expires=Sun, 10-Jan-2010 14:14:28 GMT; path=/
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 1
注意 Cookie: ASP.NET_SessionId=fn2zf0zq1cuwgf45fm5fw145; visit=2 這一行,訪問計數器已經被一起傳送到伺服器。
來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/15723462/viewspace-624784/,如需轉載,請註明出處,否則將追究法律責任。
相關文章
- AJAX(XMLHttpRequest)進行跨域請求方法詳解(一)XMLHTTP跨域
- AJAX(XMLHttpRequest)進行跨域請求方法詳解(二)XMLHTTP跨域
- AJAX(XMLHttpRequest)進行跨域請求方法詳解(四)XMLHTTP跨域
- Ajax 跨域請求 Access to XMLHttpRequest 解決方案跨域XMLHTTP
- jquery ajax 跨域請求jQuery跨域
- javascript中跨域請求詳解JavaScript跨域
- js ajax請求封裝及解決node請求跨域問題JS封裝跨域
- ajax跨域請求之CORS的使用跨域CORS
- ajax跨域請求簡單介紹跨域
- 跨域ajax請求,伺服器會收到請求嗎?跨域伺服器
- 詳解XMLHttpRequest的跨域資源共享XMLHTTP跨域
- 跨域請求cookie資源共享詳解跨域Cookie
- Ajax+SpringMVC實現跨域請求SpringMVC跨域
- ajax跨域post請求,如何實現呢跨域
- AJAX 跨域請求解跨域
- java解決請求跨域的兩種方法Java跨域
- 跨域請求跨域
- AJAX 跨源 HTTP 請求HTTP
- Koa2框架利用CORS完成跨域ajax請求框架CORS跨域
- Python全棧Web(AjaxJQuery-AJAX跨域請求)Python全棧WebjQuery跨域
- ajax實現的跨域請求程式碼例項跨域
- 解決Ajax不能跨域的方法跨域
- CORS跨域請求CORS跨域
- vue跨域請求Vue跨域
- 解決 jquery使用ajax請求發生跨域問題的辦法jQuery跨域
- 跨域是什麼?跨域請求資源有哪些方法?跨域
- 跨域請求之jQuery的ajax jsonp的使用解惑跨域jQueryJSON
- 巧用javascript ajax,實現跨域請求外帶,增大漏洞危害JavaScript跨域
- PHP AJAX JSONP實現跨域請求使用例項PHPJSON跨域
- 利用JQuery實現更簡單的Ajax跨域請求jQuery跨域
- Springboot處理CORS跨域請求的三種方法Spring BootCORS跨域
- 第113天:Ajax跨域請求解決方法跨域
- 解決 ajax 跨域跨域
- 前端http請求跨域問題解決前端HTTP跨域
- JSONP解決跨域請求問題JSON跨域
- springboot 解決跨域 Access to XMLHttpRequest atSpring Boot跨域XMLHTTP
- ajax實現跨域請求程式碼例項簡單介紹跨域
- AJAX跨域完全講解跨域