Here are a few of the most popular ways to do cross domain calls via JavaScript: proxies, JSON, and Flash.
Cross domain proxy
This is one of the most common approaches. Your script calls your server, your server makes the call to the remote server and then returns the result back to the client. There are some definite advantages to this approach: you have more control over the entire lifecycle. You can parse the data from the remote server, do with it what you will before sending it back to the client. If anything fails along the way, you can handle it in your own way. And lastly, you can log all remote calls. WIth that you can track success, failure and popularity.
Cross domain JSON
For this to work, the remote server needs to be set up to handle this. It needs to accept an additional parameter: a callback function. Then, to make the remote request, you insert a new script tag into your page with which will allow you to specify a remote URL. The reponse back will load a JSON object as a parameter of the callback function you specified in the request. Yahoo, for example, has implemented this feature in their web services API's. This is great because you can implement web service calls without ever needing a scripting language on your server. Check out Jason Levitt's article, JSON and the Dynamic Script Tag, on XML.com for more information.
Cross domain using Flash
Flash, by default, is much like Ajax in that you cannot request data from a remote server. However, you can enable this capability by placing a special XML file on the remote server to accept requests from other domains. With JavaScript's capability to interact with Flash, we can use Flash as a bridge for sending cross-domain requests. (XML.com has a nice write-up of this technique.) There are still some limitations to this technique, most of which seems to be limited to older versions of Flash. There's also the issue with users having Flash installed and enabled.
Sub-domains are still cross domains
One point to note and it's fairly subtle. Plenty of us have our sites running at www.example.com and at example.com. They both point to the very same place. To us, we see them as the same thing. But to an Ajax call, it's considered cross domain. Therefore, if you have to make an Ajax call to the same server, don't code the domain as part of the request; just use the path.
The Future
Some have already begun looking into establishing standards that could be implemented into future browsers, such as JSONRequest and ContextAgnosticXMLHttpRequest. JSONRequest seems the most promising but that could be because I prefer JSON over XML and see it as really gaining traction over the next couple years.
818
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
