What is cross-domain: in fact, the cross-domain browser security mechanisms, requesting access to the domain name and address inconsistencies ajax request, the browser will not return from a request. Popular point is: page B services by ajax loaded Information A service .
Cross-domain causes: In the current website domain request, the default domain is not allowed to send other via ajax request.
http://b.com/b.jsp
b.jsp
<script type="text/javascript">
$(function() {
$.ajax({
type:"get",
url : "http://a.com/MyServlet?userId=12344",
cache : false,
dataType : "json",
success : function(data) {
console.log(data);
}
});
})
</script>
How to deal with it?
1.jsonp supports only get request, the request does not support post
2. Use Interface Gateway --nginx, springcloud zull - Internet company actual case
3.httpclient internal forwarding
4. Add the header request to allow cross-domain access
5. Use dubbo distributed service framework
1.jsonp supports only get request, the request is not supported post
b.jsp
<script type="text/javascript">
$(function() {
$.ajax({
type:"get",
async:false,
url : "http://a.com/MyServlet?userId=12344",
dataType:"jsonp",
jsonp:"jsonpCallback", //服务器用于接收callback调用的function名的参数
cache : false,
dataType : "json",
success : function(data) {
console.log(data);
}
});
})
</script>
A service background:
String = jsonpCallback request.getParameter ( "jsonpCallback");
and then returns the parameter:
Result = jsonpCallback + "(" + Result + ")";
return Result;
JSONP principle analysis: Use get request script transmitted, pass the callback parameter brought back the resolution.
<script type = "text / javascript " src = "http://www.yy.com/static/common/jquery.js?t=2017-07-27"> </ script>
jsonp always just get request
2. Use Interface Gateway --nginx, springcloud zull - Internet company actual case
Use nginx to build enterprise-api gateway interfaces:
Interface Gateway: intercept all requests for distribution. Role: access control.
Api interfaces using nginx to build enterprise gateway implementation principle: by the same domain name, different projects, to intercept jump to the real server.
http://www.edu.com/A --> http://a.com:8080/A
http://www.edu.com/B --> http://a.com:8080/B
A Project B Project visit: http: //www.edu.com/A use nginx forward
nginx.conf configuration:
Server {
the listen 80;
server_name www.edu.com ;
#charset KOI8-R & lt;
#access_log logs / main host.access.log;
LOCATION / A {
proxy_pass http://a.com:8080/A
index.html index.htm index;
} LOCATION / B { proxy_pass http://b.com:8080/B index index.html index.htm; } } the listen: listening port number server_name: service name displayed page proxy_pass: They are forwarded to the real address of a server location / a: a project to intercept forwarding services a a: a project name
B项目b.jsp
<script type="text/javascript">
$(function() {
$.ajax({
type:"get",
url : "http://www.edu.com/A/MyServlet?userId=12344",
cache : false,
dataType : "json",
success : function(data) {
console.log(data);
}
});
})
</script>
Forwarding internal 3.httpclient
B项目b.jsp
<script type="text/javascript">
$(function() {
$.ajax({
type:"get",
url : "http://b.com/BdemoServlet?userId=12344",
cache : false,
dataType : "json",
success : function(data) {
console.log(data);
}
});
})
</script>
b Project Background:
// create a default link
CloseableHttpClient httpClient = HttpClients.createDefault ();
// Create request
HttpPost HttpPost = new new HttpPost ( "http://a.com/MyServlet?userId=12344");
CloseableHttpResponse the Response = httpClient. Execute (HttpPost);
int code = response.getStatusLine () getStatusCode ();.
IF (code 200 is ==) {
String Result = EntityUtils.toString (response.getEntity ());
System.out.println (Result);
}
response.close ();
httpClient.close ();
disadvantages: waste of resources (there is no cross-domain problems) bottom made two requests. First: b.jsp first visit B project request, the second: B project back again to send a request to access data A project to obtain
the advantages: security, packet capture analysis less.
4. Add allow cross-domain access request header
B项目b.jsp
<script type="text/javascript">
$(function() {
$.ajax({
type:"get",
url : "http://a.com/MyServlet?userId=12344",
cache : false,
dataType : "json",
success : function(data) {
console.log(data);
}
});
})
</script>
A MyServlet added to the code project:
// allow the browser to allow cross-domain access allresponse.setHeader ( "Access-Control-Allow -Origin", "*");
5. Use dubbo distributed service framework.