问题
As far as I understand, the crossdomain.xml file technique for crossdomain XHR is based on Flash. This settings on the server allows Javascript code from the client (using flash) to bypass the Same Origin Policy.
I was wondering if that technique doesn't work any more in iPad devices (since they don't support Flash). Does this also imply that all those Web Mashups that are using this technique to access data from the client's browser doesn't work at all?
Apologize if I'm assuming something wrong.
回答1:
There is no such thing as using a crossdomain.xml file for making cross-domain AJAX requests.
CDAJAX is performed by setting HTTP headers on the server which allow the client to consume data cross-domain. See this message in the W3 archives:
http://lists.w3.org/Archives/Public/public-webapi/2006Jun/0012
Also, look at the patch that adds this functionality to Firefox:
https://bugzilla.mozilla.org/show_bug.cgi?id=389508
Your best bet would be to perform cross-domain calls using YQL:
http://ajaxian.com/archives/using-yql-as-a-proxy-for-cross-domain-ajax
Hope this helps!
EDIT:
Also, http://www.w3.org/TR/access-control/
来源:https://stackoverflow.com/questions/3547102/crossdomain-xml-and-ipad