Home >Backend Development >PHP Tutorial >Ajax cross-domain issues

Ajax cross-domain issues

WBOY
WBOYOriginal
2016-07-29 09:09:071063browse

Ajax can only access (submit forms, etc.) files in the same domain as the server asp, php, etc. This is because there is usually no in the http header returned by the server. Access-Control-Allow-Origin field. Therefore, during the penetration process, if we want the inserted JS to access our own server, we need to add this field to the http header. When using ettercap, add in the filter:

if(ip.proto == TCP && tcp.src == 80){

if (search(DATA.data, "Content -Type")){

#msg("access control");

replace("Content-Type","Access-Control-Allow-Origin:*rnContent-Type"); }

}

Access-Control-Allow-Origin: *

means that cross-domain requests for all web pages can be accepted or

Access-Control-Allow-Origin: www.baidu.com The above has introduced the cross-domain issues of Ajax, including aspects of it. I hope it will be helpful to friends who are interested in PHP tutorials.

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn