Can IE8 post cross-domain requests from HTTP to HTTPS?

回眸只為那壹抹淺笑 提交于 2020-06-28 06:11:55

问题


I'm trying to make a secure authentication POST request from an HTTP domain to an HTTPS domain using Ajax. For Firefox, Chrome and other modern browsers, it's possible to do this using a CORS request. Unfortunately IE8 and IE9 don't support CORS, which makes this type of authentication difficult.

In point 7 of XDomainRequest - Restrictions, Limitations and Workarounds, Eric Law mentions a workaround for IE's limitation on HTTP-to-HTTPS cross-domain requests. However, while the workaround demo works for IE9, it doesn't work for IE8.

Is there any other workaround for IE8 to send a cross-domain POST request from an HTTP domain to an HTTPS domain?

Note that sending a JSONP GET request probably won't due, because passing user credentials in the authentication request's URL parameters means that the credentials would be recorded in web server logs files. If those logs were compromised, then users' credentials would be compromised too.


回答1:


The demo doesn't work because IE8 doesn't support the addEventListener method for adding event listeners. Instead, the demo should use the attachEvent method.

I have verified that it works in IE8 if the correct attachEvent method is used.



来源:https://stackoverflow.com/questions/9890841/can-ie8-post-cross-domain-requests-from-http-to-https

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!