jQuery ajax and SSL?

2019-01-08 19:32发布

In our site certain pages use SSL, most pages however don't (as they need to be crawled by web bots).

It pretty much boils down to any page where the user is logged in, with a few exceptions is under SSL,

But the user first has to login from a non https page (The login form is a form that drops from the top of the screen on any page).

So,

How can I force the requests over ajax to use SSL?

Is this even secure?

1条回答
放我归山
2楼-- · 2019-01-08 20:02

It violates JavaScript's same-origin policy, because it doesn't see the HTTPS URL as being from the same source as the HTTP URL. You can get around this by using JSONP or setting a Access-Control-Allow-Origin header in the response from the web service. Many web services will be setup to do this already.

查看更多
登录 后发表回答