Detailed introduction to Ajax cross-domain issues

This time I will bring you a detailed introduction to Ajax cross-domain issues. What are the precautions for using Ajax cross-domain issues? The following is a practical case, let's take a look.

What is ajax

Ajax (Asynchronous JavaScript and XML) is a method that can request additional data from the server without refreshing the page. Technology, the emergence of ajax has brought a better user experience.

The core of Ajax is the XMLHttpRequest (XHR) object. XHR provides a smooth interface for sending requests to the server and parsing server responses. You can use the XHR object Get new data and insert the new data into the page through the DOM. Although the name contains XML, ajax communication has nothing to do with the data format; this technology can get data from the server without refreshing, but it does not have to be XML data, it can also be json.

XMLHttpRequest object

XHR usage

1. Create an XMLHttpRequest object

2. Send a request

1).Set the request line xhr.open()
2).POST requestNeed to set the request header xhr.setRequestHeader() POST The value of the request header Content-Type: application/x-www-form-urlencoded
3). Set the request body xhr.send() get request to pass null, post according to the situation

3. Process the server response

First determine whether the response status code and asynchronous object have been parsed.

Status code status returned by the server

1xx: Message
2xx: Success
3xx: Redirect
4xx: Request error
5xx: Server error

The status code of the asynchronous object readystate

0: The asynchronous object has been created
1 : The asynchronous object initialization is completed and the request is sent
2: Receive the original data returned by the server
3: The data is being parsed and the parsing will take time
4: The data parsing is completed and the data can be used

XML

Characteristics of XML, from a prestigious family, formulated by W3C, a data format that has been strongly recommended by Microsoft and IBM. XML refers to Extensible Markup Language (Extensible Markup Language), which is designed to To transmit and store data, HTML is designed to represent pages.

Grammar rules: Similar to HTML, they are all represented by tags

Special symbols: such as Using entity-transfer characters

Xml parsing requires front-end and back-end cooperation:
1. When the back-end returns, set the Content-Type value in the response header to application/xml
2. The front-end When the asynchronous object receives background data, remember to receive it in the form of xml, xhr.responseXML, and it returns an object object, the content is #document

JSON

JSON (JavaScript Object Notation), originated from the grassroots, is a subset of Javascript and is responsible for describing the data format. JSON itself is a string in a special format that can be converted into a js object and is used on the Internet. There is no one of the most widely used data formats to transmit data.

Grammar rules: Data is represented by key/value pairs, and the data is separated by commas. Parentheses save objects, square brackets save arrays, names and values ​​need to be enclosed in double quotes (this is a small difference from js).
Parsing/manipulating JSON in js:
1.JSON.parse(json string); Parse a json format string into a js object
2.JSON.stringify(js object); Convert a js object into a json format character String

Encapsulate an ajax yourself

function pinjieData(obj) {
 //obj 就相当于 {key:value,key:value}
 //最终拼接成键值对的字符串 "key:value,key:value"
 var finalData = "";
 for(key in obj){
  finalData+=key+"="+obj[key]+"&"; //key:value,key:value&
 }
 return finalData.slice(0,-1);//key:value,key:value
}
function ajax(obj) {
 var url = obj.url;
 var method = obj.method.toLowerCase();
 var success = obj.success;
 var finalData = pinjieData(obj.data);
 //finalData最终的效果key:value,key:value
 //1.创建xhr对象
 var xhr = new XMLHttpRequest();
 //get方法拼接地址,xhr.send(null)
 if (method=='get'){
  url = url + "?"+finalData;
  finalData = null;
 }
 //2.设置请求行
 xhr.open(method,url);
 // 如果是post请求,要设置请求头
 if (method=='post'){
  xhr.setRequestHeader("Content-Type","application/x-www-form-urlencoded")
 }
 //3.发送
 xhr.send(finalData);
 //4.监听服务器返回的数据
 xhr.onreadystatechange = function () {
  if (xhr.status==200 && xhr.readyState==4){
   var result = null;
   //获取返回的数据类型
   var rType = xhr.getResponseHeader("Content-Type");
   if (rType.indexOf('xml')!=-1){
    result = xhr.responseXML;
   }else if(rType.indexOf('json')!=-1){
    // JSON.parse 的意思是 将 json格式的字符串
    //比如 [{ "src":"./images/nav0.png","content":"商品分类1"}]
    //转成js对象
    result = JSON.parse(xhr.responseText);
   }else{//当成普通的字符串去处理
    result = xhr.responseText;
   }
   //将这里解析好的数据交给页面去渲染
   success(result);
  }
 }
}

Use ajax in jQueryAPI jQuery ajax

jQuery provides us with a more convenient ajax package.

$.ajax({}) Can be configured to initiate an ajax request
$.get() Initiate an ajax request in get mode
$.post() Initiate ajax request in post mode
$ ('form').serialize() Serialize form (format key=val$key=val)

Parameter description

url :接口地址
type :请求方式(get/post)
timeout : 要求为Number类型的参数，设置请求超时时间（毫秒）
dataType: 应该是客户端传递给服务器一个值，告诉服务器如何进行处理:
data: 发送请求数据
beforeSend: 要求为Function类型的参数，发送请求前可以修改XMLHttpRequest对象的函数，例如添加自定义HTTP头。在beforeSend中如果返回false可以取消本次ajax请求.
success: 成功响应后调用
error: 错误响应时调用
complete: 响应完成时调用（包括成功和失败）

 //ajax===get
 $.ajax({
  url:'',
  data:'key=value&key=value',
  type:'get',
  success:function (result) {
   console.log(result);
  }
 });
//ajax===post
$.ajax({
  url:'',
  data:'key=value&key=value',
  type:'post',
  success:function (result) {
   console.log(result);
  }
 });
//$.get
$.get({
  url:'',
  data:'key=value&key=value',
  success:function (result) {
  console.log(result);
  }
});
//$.post
$.post({
  url:'',
  data:'key=value&key=value',
  success:function (result) {
  console.log(result);
  }
});
//在使用jQuery中ajax发送请求的时候,只需要在 dataType中写上jsonp即可实现ajax的跨域请求
 dataType:'jsonp'

跨域

通过XHR实现ajax通信的一个主要限制(相同域,相同端口,相同协议),来源于跨服安全策略,默认情况下,XHR只能请求同一域的资源,这是为了防止某些恶意的行为.

CORS跨域

CORS(cross-origin resource sharing,跨域源资源共享)定义了在跨域时,浏览器和服务器应该如何沟通.CORS允许一个域上的网络应用向另一个域提交跨域 AJAX 请求。实现此功能非常简单，只需由服务器发送一个响应标头即可。
CORS支持所有类型的HTTP请求.
服务器端对于CORS的支持，主要就是通过设置Access-Control-Allow-Origin来进行的。

JSONP

JSONP由回调函数和数据组成.JSONP只支持GET请求.JSONP的优势在于支持老式浏览器，以及可以向不支持CORS的网站请求数据.
JSONP通过动态<script>元素来使用,src属性知道一个跨域URL,JSONP是有效的JavaScript代码,浏览器可以跨域请求JS文件.<br/>优点:简单易用,可以直接访问响应文本,支持在浏览器和服务器之间双向通信.<br/>缺点:1.JSONP是从其他域加载代码执行,存在不安全风险.2.不好确定JSONP请求是否成败.</script>

通过修改document.domain来跨子域

使用window.name来进行跨域

HTML5中新引进 window.postMessage方法来跨域传送数据

flash

iframe

服务器设置代理页面

图像Ping

通过使用标签,利用网页可以从任何网页加载图像原理.
图像Ping常用于跟踪用户点击页面或动态广告曝光次数.

2个缺点:1.只支持GET请求.2.无法访问服务器的响应文本.只能用于浏览器与服务器间的单项通信.

var img = new Image();
img.onload = img.onerror = function (){
alert("Done!");
};
img.src = "";

comet

一种更高级的ajax技术.ajax是页面向服务器请求数据的技术.comet是服务器向页面推送数据的技术.

SSE (Server-Sent Events) 服务器发送事件

Web Sockets

Web Sockets的目标是在一个单独的持久链接上提供全双工,双向通信.

相信看了本文案例你已经掌握了方法，更多精彩请关注php中文网其它相关文章！

推荐阅读：

PHP+Ajax如何实现表格的实时编辑

用ajax实现session超时跳转到登录页面

The above is the detailed content of Detailed introduction to Ajax cross-domain issues. For more information, please follow other related articles on the PHP Chinese website!