浏览器上的所有行为都不是跨域,包括浏览器自己的资源访问等 任何跨越浏览器进行的如发送数据访问请求 获取cookie,localstorage,indexedDB等存储性内容都不允许 dom节点也不允许访问 这个是前端的同源策略,为了避免xss,csrf等攻击,同源指的是协议+域名+端口三者相同 即便两个不同的域名指向同一个ip地址,也不是同源 ajax请求不允许跨域不是请求发不出去,也不是服务端不能接受并返回结果,而是结果被浏览器拦截了 cors方案跨域(后端解决) 被访问的资源设置响应头,告诉浏览器我这个资源是允许跨域访问的 response.setHeader("Access-Control-Allow-Origin","地址"); jsonp方案(只能解决get请求) 利用了src和href可以跨域不受同源策略的限制的机制实现,但是只能解决GET请求 代理服务器跨域 Nginx反向代理,Node中间件代理,vue-cli代理(自带8080服务器可以作为代理服务器,需要配置vue.config.js来启用) postMessage,websocket(手动模拟浏览器发送请求的方式,发送到这里然后再回传数据),window.name+iframe,location.hash+iframe,document.domain+iframe 代理服务器方案的实现原理是同源策略是浏览器遵循的标准 而服务器向服务器发送请求就无需遵循这个同源策略
浏览器上的所有行为都不是跨域,包括浏览器自己的资源访问等
任何跨越浏览器进行的如发送数据访问请求
获取cookie,localstorage,indexedDB等存储性内容都不允许
dom节点也不允许访问
这个是前端的同源策略,为了避免xss,csrf等攻击,同源指的是协议+域名+端口三者相同
即便两个不同的域名指向同一个ip地址,也不是同源
ajax请求不允许跨域不是请求发不出去,也不是服务端不能接受并返回结果,而是结果被浏览器拦截了
cors方案跨域(后端解决)
被访问的资源设置响应头,告诉浏览器我这个资源是允许跨域访问的
response.setHeader("Access-Control-Allow-Origin","地址");
jsonp方案(只能解决get请求)
利用了src和href可以跨域不受同源策略的限制的机制实现,但是只能解决GET请求
代理服务器跨域
Nginx反向代理,Node中间件代理,vue-cli代理(自带8080服务器可以作为代理服务器,需要配置vue.config.js来启用)
postMessage,websocket(手动模拟浏览器发送请求的方式,发送到这里然后再回传数据),window.name+iframe,location.hash+iframe,document.domain+iframe
代理服务器方案的实现原理是同源策略是浏览器遵循的标准
而服务器向服务器发送请求就无需遵循这个同源策略
DROP TABLE IF EXISTS t_bugs; CREATE TABLE t_bugs(id VARCHAR(255) PRIMARY KEY,`desc` VARCHAR(255),resolved BOOLEAN); INSERT INTO t_bugs(id,`desc`,resolved) VALUES("001","222行空指针异常",FALSE); INSERT INTO t_bugs(id,`desc`,resolved) VALUES("002","666行空指针异常",FALSE); INSERT INTO t_bugs(id,`desc`,resolved) VALUES("003","888行空指针异常",FALSE); COMMIT; SELECT * FROM t_bugs; DROP TABLE IF EXISTS t_users; CREATE TABLE t_users(id VARCHAR(255) PRIMARY KEY,NAME VARCHAR(255),age INT); INSERT INTO t_users(id,NAME,age) VALUES("001","Jack",20); INSERT INTO t_users(id,NAME,age) VALUES("002","Rose",20); INSERT INTO t_users(id,NAME,age) VALUES("003","Tom",20); INSERT INTO t_users(id,NAME,age) VALUES("004","Jerry",20); COMMIT; SELECT * FROM t_users;
DROP TABLE IF EXISTS t_bugs;
CREATE TABLE t_bugs(id VARCHAR(255) PRIMARY KEY,`desc` VARCHAR(255),resolved BOOLEAN);
INSERT INTO t_bugs(id,`desc`,resolved) VALUES("001","222行空指针异常",FALSE);
INSERT INTO t_bugs(id,`desc`,resolved) VALUES("002","666行空指针异常",FALSE);
INSERT INTO t_bugs(id,`desc`,resolved) VALUES("003","888行空指针异常",FALSE);
COMMIT;
SELECT * FROM t_bugs;
DROP TABLE IF EXISTS t_users;
CREATE TABLE t_users(id VARCHAR(255) PRIMARY KEY,NAME VARCHAR(255),age INT);
INSERT INTO t_users(id,NAME,age) VALUES("001","Jack",20);
INSERT INTO t_users(id,NAME,age) VALUES("002","Rose",20);
INSERT INTO t_users(id,NAME,age) VALUES("003","Tom",20);
INSERT INTO t_users(id,NAME,age) VALUES("004","Jerry",20);
COMMIT;
SELECT * FROM t_users;
package com.bjpowernode.javaweb.servlet; import POJO.Bug; import com.alibaba.fastjson.JSON; import jakarta.servlet.ServletException; import jakarta.servlet.annotation.WebServlet; import jakarta.servlet.http.HttpServlet; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import utils.DBUtil; import java.io.IOException; import java.io.PrintWriter; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; import java.util.ArrayList; import java.util.List; @WebServlet("/bugs") public class SourceServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { request.setCharacterEncoding("UTF-8"); response.setCharacterEncoding("UTF-8"); response.setContentType("text/html;charset=UTF-8"); Connection connection = null; PreparedStatement statement = null; ResultSet resultSet = null; try { connection = DBUtil.getConnection(); String sql = "select * from t_bugs"; statement = connection.prepareStatement(sql); resultSet = statement.executeQuery(); List<Bug> bugs = new ArrayList<>(); while (resultSet.next()) { String id = resultSet.getString("id"); String desc = resultSet.getString("desc"); Boolean resolved = resultSet.getBoolean("resolved"); bugs.add(new Bug(id,desc,resolved)); } String json = JSON.toJSONString(bugs); PrintWriter out = response.getWriter(); out.println(json); } catch (SQLException e) { throw new RuntimeException(e); } finally { DBUtil.close(connection,statement,resultSet); } } }
package com.bjpowernode.javaweb.servlet; import POJO.Bug; import com.alibaba.fastjson.JSON; import jakarta.servlet.ServletException; import jakarta.servlet.annotation.WebServlet; import jakarta.servlet.http.HttpServlet; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import utils.DBUtil; import java.io.IOException; import java.io.PrintWriter; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; import java.util.ArrayList; import java.util.List; @WebServlet("/bugs") public class SourceServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { request.setCharacterEncoding("UTF-8"); response.setCharacterEncoding("UTF-8"); response.setContentType("text/html;charset=UTF-8"); Connection connection = null; PreparedStatement statement = null; ResultSet resultSet = null; try { connection = DBUtil.getConnection(); String sql = "select * from t_bugs"; statement = connection.prepareStatement(sql); resultSet = statement.executeQuery(); List<Bug> bugs = new ArrayList<>(); while (resultSet.next()) { String id = resultSet.getString("id"); String desc = resultSet.getString("desc"); Boolean resolved = resultSet.getBoolean("resolved"); bugs.add(new Bug(id,desc,resolved)); } String json = JSON.toJSONString(bugs); PrintWriter out = response.getWriter(); out.println(json); } catch (SQLException e) { throw new RuntimeException(e); } finally { DBUtil.close(connection,statement,resultSet); } } }
package com.bjpowernode.javaweb.servlet; import POJO.Bug; import POJO.User; import com.alibaba.fastjson.JSON; import jakarta.servlet.ServletException; import jakarta.servlet.annotation.WebServlet; import jakarta.servlet.http.HttpServlet; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import utils.DBUtil; import java.io.IOException; import java.io.PrintWriter; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; import java.util.ArrayList; import java.util.List; @WebServlet("/users") public class UserServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { request.setCharacterEncoding("UTF-8"); response.setCharacterEncoding("UTF-8"); response.setContentType("text/html;charset=UTF-8"); Connection connection = null; PreparedStatement statement = null; ResultSet resultSet = null; try { connection = DBUtil.getConnection(); String sql = "select * from t_users"; statement = connection.prepareStatement(sql); resultSet = statement.executeQuery(); List<User> users = new ArrayList<>(); while (resultSet.next()) { String id = resultSet.getString("id"); String name = resultSet.getString("name"); Integer age = resultSet.getInt("age"); users.add(new User(id,name,age)); } String json = JSON.toJSONString(users); PrintWriter out = response.getWriter(); out.println(json); } catch (SQLException e) { throw new RuntimeException(e); } finally { DBUtil.close(connection,statement,resultSet); } } }
package com.bjpowernode.javaweb.servlet; import POJO.Bug; import POJO.User; import com.alibaba.fastjson.JSON; import jakarta.servlet.ServletException; import jakarta.servlet.annotation.WebServlet; import jakarta.servlet.http.HttpServlet; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import utils.DBUtil; import java.io.IOException; import java.io.PrintWriter; import java.sql.Connection; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; import java.util.ArrayList; import java.util.List; @WebServlet("/users") public class UserServlet extends HttpServlet { @Override protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { request.setCharacterEncoding("UTF-8"); response.setCharacterEncoding("UTF-8"); response.setContentType("text/html;charset=UTF-8"); Connection connection = null; PreparedStatement statement = null; ResultSet resultSet = null; try { connection = DBUtil.getConnection(); String sql = "select * from t_users"; statement = connection.prepareStatement(sql); resultSet = statement.executeQuery(); List<User> users = new ArrayList<>(); while (resultSet.next()) { String id = resultSet.getString("id"); String name = resultSet.getString("name"); Integer age = resultSet.getInt("age"); users.add(new User(id,name,age)); } String json = JSON.toJSONString(users); PrintWriter out = response.getWriter(); out.println(json); } catch (SQLException e) { throw new RuntimeException(e); } finally { DBUtil.close(connection,statement,resultSet); } } }