Apart from JSONP, why should the same-domain policy be followed?
The same-origin policy is enforced for security reasons; to quote the relevant sentences:
This mechanism bears a particular significance for modern web applications that extensively depend on HTTP cookies to maintain authenticated user sessions, as servers act based on the HTTP cookie information to reveal sensitive information or take state-changing actions. A strict separation between content provided by unrelated sites must be maintained on client side to prevent the loss of data confidentiality or integrity.
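Basically, you don't want any given website (like any site you might be browsing, and we all know people sometimes end up on sites you shouldn't trust) to be able to access data from any other website, or accounts on social networks.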
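What "unrelated sites" means in practice is a comparison of origins (scheme, host, port). The following is an added example, not part of the original answer, that models that comparison; the function names and every URL in it are constructed for illustration.

```javascript
// Added example: models the origin comparison that decides whether a script
// on one page may read data belonging to another URL.
// All URLs below are constructed samples.

function originTuple(urlString) {
  const u = new URL(urlString);
  // Schemes such as data: have an opaque origin, serialised as "null".
  if (u.origin === "null") return null;
  // The URL parser lowercases the host and drops the scheme's default port,
  // so https://bank.example and https://BANK.example:443 give the same tuple.
  return { scheme: u.protocol, host: u.hostname, port: u.port };
}

function isSameOrigin(a, b) {
  const oa = originTuple(a);
  const ob = originTuple(b);
  // An opaque origin matches nothing, not even another opaque origin.
  // Comparing the serialised "null" strings would wrongly report a match.
  if (oa === null || ob === null) return false;
  return oa.scheme === ob.scheme && oa.host === ob.host && oa.port === ob.port;
}

// The page holding the user's authenticated session (constructed).
const page = "https://bank.example/account";

const samples = [
  "https://bank.example:443/api/balance",  // same origin: 443 is implied
  "http://bank.example/api/balance",       // different scheme
  "https://bank.example:8443/api/balance", // different port
  "https://sub.bank.example/api/balance",  // different host (subdomain)
  "https://untrusted.example/page",        // unrelated site
  "data:text/html,hello",                  // opaque origin
];

function checkSamples() {
  return samples.map((url) => isSameOrigin(page, url));
}

samples.forEach((url, i) => {
  console.log(checkSamples()[i] ? "same origin " : "cross origin", url);
});
```

Only the first sample shares an origin with the page; a browser would keep scripts from every other sample away from the page's data, and the reverse.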