[Repost] Configuring cross-domain access for a site in nginx

1. Cross-domain means that the browser cannot execute scripts from other sites. It is caused by the browser's same-origin policy, a security restriction that the browser imposes on JavaScript.

2. When the browser executes a script, it checks which page the script belongs to, that is, whether it is same-origin; only same-origin scripts are executed. When a script requests data that is not same-origin, the browser reports an exception indicating that access is denied.

  ①, http://www.123.com/index.html calls http://www.123.com/welcome.jsp: the protocol, domain name and port number are all the same, so they are same-origin.

  ②, https://www.123.com/index.html calls http://www.123.com/welcome.jsp: the protocols differ, so they are not same-origin.

  ③, http://www.123.com:8080/index.html calls http://www.123.com:8081/welcome.jsp: the ports differ, so they are not same-origin.

  ④, http://www.123.com/index.html calls http://www.456.com/welcome.jsp: the domains differ, so they are not same-origin.

  ⑤, http://localhost:8080/index.html calls http://127.0.0.1:8080/welcom.jsp: although localhost is equivalent to 127.0.0.1, they are still not same-origin.

  What the same-origin policy restricts:

  1, Cookie, LocalStorage and IndexedDB cannot be read

  2, DOM and JS objects cannot be obtained

  3, AJAX requests cannot be sent

  Note: tags with a src attribute, such as img, iframe and script, are a special case: they can access resources from non-same-origin sites.

3. Solving the cross-domain problem with nginx configuration

# Set the specific files that need cross-domain access
location ^~/res/ {
    add_header Access-Control-Allow-Origin *;
    add_header Access-Control-Allow-Methods 'GET,POST';
    add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
    alias /data/web/res/;
}
# Allow cross-domain access globally
server {
   ....
    add_header Access-Control-Allow-Origin *;
    add_header Access-Control-Allow-Methods 'GET,POST';
    add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';  
}
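
Both blocks above answer every origin with `*`. The following is an added example, not part of the original post, that returns Access-Control-Allow-Origin only to origins on an allowlist and answers the preflight OPTIONS request. The origins, the host name res.example.com and the variable name $cors_origin are assumptions.

```nginx
# Added example. The origins below and the variable name $cors_origin are
# assumptions; replace them with the sites that really need /res/.

# http {} context: echo the request's Origin only when it is on the allowlist.
map $http_origin $cors_origin {
    default                      "";
    "https://app.example.com"    $http_origin;
    "https://admin.example.com"  $http_origin;
}

server {
    listen 80;
    server_name res.example.com;   # assumed host name

    location ^~ /res/ {
        # nginx omits an add_header whose value is empty, so origins that are
        # not on the allowlist get no Access-Control-Allow-Origin at all.
        add_header Access-Control-Allow-Origin  $cors_origin always;
        # The response now depends on Origin; tell caches to key on it.
        add_header Vary                         Origin always;
        add_header Access-Control-Allow-Methods 'GET,POST' always;
        add_header Access-Control-Allow-Headers 'Content-Type,Authorization' always;

        # Answer the preflight here; the add_header lines above are inherited
        # because this block declares none of its own.
        if ($request_method = OPTIONS) {
            return 204;
        }

        alias /data/web/res/;
    }
}
```

Browsers reject `Access-Control-Allow-Origin: *` on requests sent with credentials, so an allowlist like this is also what a site needs if it later adds `Access-Control-Allow-Credentials`. `add_header` lines at `server` level are not inherited by a `location` that declares its own `add_header`.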

 

Original Address: https://www.cnblogs.com/chenjw-note/p/11353281.html


Origin www.cnblogs.com/eedc/p/12175836.html