Note that the same-origin policy only applies to HTML documents.
注意,同源策略只能应用于HTML文档。
Avoiding the same-origin policy: JSON and the dynamic script tag.
避免同源策略:JSON和动态脚本标记。
Limitations of the browser same-origin policy and how these are overcome.
浏览器同源策略的限制以及解决办法。
To the Web application developer, it might look like he doesn't have the same-origin policy at all.
对于Web应用程序开发人员而言,它看上去可能完全不具有同源策略。
The same-origin policy prevents websites from one domain from requesting data belonging to another domain.
同源策略限制了来自一个域的站点向另一个域请求数据。
JSONP as an effective cross-domain communication technique, by-passing the same-origin policy limitations.
作为一种有效的跨域通信技术,JSONP能够绕过当前浏览器的同源策略限制。
Because of the same-origin policy, you cannot use XMLHttpRequest when communicating with external servers.
因为同源策略的限制,我们不能在与外部服务器进行通信的时候使用XMLHttpRequest。
In order to overcome the same-origin policy, the portlet USES the Ajax proxy layer to access these domains.
为了克服相同来源政策,portlet会使用Ajax代理层来访问这些域。
You can bypass the same-origin policy in many ways: We'll illustrate some of these ways later in the article.
可以通过许多方法绕过同源策略:稍后我将在文章中演示其中的一些方法。
The password manager's algorithm is based on the browser's same-origin policy, which we've touched on before.
密码管理程序的算法基于浏览器的same - origin策略,这个策略我们以前已经接触过了。
he same-origin policy fails by forcing 'Web applications today to either sacrifice security or functionality.'
同源策略的失败在于它迫使‘现在的网络应用,要么选择牺牲掉安全,要么选择牺牲掉功能。’
After being fetched, however, the content in the frames would be subject to the same-origin policy limitations.
不过,获取资源后,框架中的内容会受到同源策略的限制。
In this article, we provided an overview of different ways in which Web 2.0 applications avoid the same-origin policy.
在这篇文章中,我们概述了在Web 2.0应用程序中避免同源策略的各种不同的方法。
Some of the solutions proposed include relaxing the same-origin policy in the browser coupled with adding additional controls.
一些提出的解决方案包括:在辅以额外控制的同时,放宽同源策略的限制。
Helen Wang from the systems and networking group at Microsoft Research goes further into the failing of the same-origin policy.
来自微软研究院系统与网络组的HelenWang进一步指出了同源策略的失败之处。
JSON with Padding (JSONP) is a way to bypass the same-origin policy by using JSON in combination with the tag, as shown in Listing 1.
JSONP (JSONwithPadding)是一种可以绕过同源策略的方法,即通过使用JSON与标记相结合的方法,如清单1所示。
The same-origin policy prevents a script loaded from one domain from getting or manipulating properties of a document from another domain.
同源策略阻止从一个域上加载的脚本获取或操作另一个域上的文档属性。
To overcome the same-origin policy restriction, WebSphere Portal offers a solution that is based on a server-side HTTP proxy, the Ajax proxy layer.
为了克服相同来源的限制,WebSpherePortal提供了一个基于服务器端的HTTP代理方案,也就是Ajax 代理层。
Google Chrome defends against this subtle attack by checking the page to which the password data is submitted, once again using the same-origin policy.
GoogleChrome阻拦了这种狡猾的攻击,再一次使用same - origin策略,检查密码数据被提交到哪个页面。
The browser's same-origin policy does not prevent CSRF attacks because the attack requests are transmitted to the same origin in proxy for the intruding third-party site.
浏览器的同源策略无法阻止CSRF攻击,因为攻击请求被传输到第三方入侵站点的代理中相同的源。
A browser's same-origin policy (SOP) does not thwart requests being transmitted from a site of different origin, but only requests being transmitted to a site of different origin.
浏览器的同源政策(SOP)并不阻止来自不同来源的请求,而是只阻止传输到不同来源的站点的请求。
In Part 1 of this series, we introduced JSONP as an effective cross-domain communication technique, one that lets you bypass the same-origin policy limitations imposed by the current browsers.
在本系列的第1部分中,我们介绍了JSONP是一种有效的跨域通信技术,允许您绕过当前浏览器带来的同源策略限制。
The same-origin policy is the part of the current browser's protection mechanism that isolates Web applications coming from different domains under an assumption that domains represent originators.
同源策略是当前浏览器的保护机制的一部分,该机制将来自不同域(假设域代表的是始发者)的Web应用程序分离开来。
Modern browsers use a same origin policy that only permits subsequent requests to be issued to the same domain where the page originated.
现代浏览器使用一种同源策略,只允许将后续请求发送给发出页面的相同域。
When restricted by the browser's same Origin Policy, the same server that hosts the application must take on the task of fetching the third-party content and sending it to the client.
当受到浏览器的同源策略限制时,承载应用程序的服务器必须承担获取第三方内容并将其发送到客户机的任务。
Use of the tag to circumvent the Same Origin Policy allows the client to retrieve content from third parties.
使用标记避开同源策略使客户机能检索来自第三方的内容。
Due to the Same origin policy, the browser script can talk to the server only where it originates.
由于同源策略(Same origin),浏览器脚本只能与它所源自的那个服务器进行会话。
The URL of this Worker script is limited by the browser's same origin policy-it must come from the same domain that loaded the page that loaded the page script that is creating the Web Worker.
这个worker脚本的URL受到浏览器的同源策略的限制—它必须来自加载这个页面的同一个域,该页面已加载正在创建这个Web Worker的页面脚本。
To access all of this eBay data from your Web application, you will need to deal with the browser's same origin policy by using a generic proxy.
要从您的Web应用程序访问所有这些eBay数据,您需要通过使用一个泛型代理(generic proxy)来处理浏览器的同源策略。
This is the Same Origin Policy, which all browsers implement.
这就是所有浏览器都实现了的同源策略(Same Origin Policy)。
应用推荐