问题
I have a web page on domain xyz.com that has a javascript being downloaded from cdn domain cdn.xyz.com. Does the browser consider calling a service on xyz.com (xyz.com/service.svc) from the javascript a cross domain call since js is downloaded from cdn.xyz.com?
If yes, Can the javascript on cdn.xyz.com call a service on xyz.com without having the service to return jsonp?
Which domain is considered by the browser on making a service call from javascript? Is it the domain the javascript is downloaded from or the domain of the primary request?
回答1:
Does the browser consider calling a service on xyz.com (xyz.com/service.svc) from the javascript a cross domain call since js is downloaded from cdn.xyz.com?
No. The origin domain is the domain from which originated the HTML that referenced the javascript. It doesn't matter from which domain does this javascript came.
Just think for a second if the contrary was true. Google CDN wouldn't even exist for jQuery since you would be able to send AJAX requests only to http://google.com which kinda restricts the number of applications.
Which domain is considered by the browser on making a service call from javascript?
In your specific example that would be http://xyz.com. So you can perfectly fine send AJAX requests to http://xyz.com even if your javascript file was referenced from http://cdn.xyz.com.
来源:https://stackoverflow.com/questions/9284768/cross-domain-javascript