asp xmlhttp ajax实现跨域操作实例

跨域问题存在实际上源于浏览器的同源策略(same origin policy),简单讲,同源就是要求域名,协议,端口三者都一致;而同源策略就是指页面上的脚本不能访问非同源的资源(包括http响应和cookie);上面给出了维基百科的地址,如果无法正常访问请移步这里:same origin policy

很多人会想到一个很熟悉的东西:document.domain

同源策略有点放松的就是:b.a.com上的页面无法通过a.com的同源验证,但是设置b.a.com页面的document.domain属性为a.com,就可以通过浏览器对a.com的同源检测;但是,document.domain只允许设置成更上级的域名,而不是其它域名,例如c.com就不行; 提到这里很多人都会想到多级域名下共享cookie的路子就是把cooki设置成上级域名;在web2.0的时代,这种本质上同域跨级解决方案远远不能满足我们跨域的需求;

浏览器会进行同源检查,这导致了跨域问题,然而这个跨域检查还有一个例外那就是html的

调用代码

response.charset="utf-8"
dim url,method,data,charset
url =request.form("targeturl")
method =request.form("method")
data =request.form("data")
charset = request.form("charset")
if charset = "" then charset = "gb2312"
response.write smarthttp(url,method,data).send().gettext(charset)
set myhttp = nothing
%>

start.asp类文件

function _smarthttp(url,method,data){
if(typeof method=="undefined") method="get";
if(typeof data=="undefined") data="";
method = method.touppercase();
method = method!="post" ? "get" : "post";
this.timeout=[10000,10000,10000,10000];
this.method = method;
this.url=url;
this.data=data;
this.charset="gb2312";
this.http=null;
this.headers=[];
this.status=0;
this.readystate=0;
this.content=null;
this.msg="";
this.dataset={
charset:"gb2312",
data:[],
append:function(key,value,noencode){
var fn=null;
if(this.charset.tolowercase()=="utf-8"){fn = encodeuricomponent;}else{fn = escape;}
if(noencode==true){fn=function(_str){return _str;}}
this.data.push({"key":fn(key),"value":fn(value)});
},
remove:function(key){
if(this.data.length var _data=[];
for(var i=0;i if(this.data[i].key!=key){
_data.push(this.data[i]);
}
}
this.data = _data;
},
isexists:function(key){
if(this.data.length for(var i=0;i if(this.data[i].key==key){
return true;
}
}
return false;
},
clear:function(){
this.dataset.data=[];
}
};
}

_smarthttp.prototype.init=function(){
var datasetstr="";
if(this.dataset.data.length>0){
for(var i=0;i datasetstr += this.dataset.data[i].key + "=" + this.dataset.data[i].value + "&";
}
}
if(datasetstr!="") datasetstr = datasetstr.substr(0,datasetstr.length-1);
if(this.data==""){this.data = datasetstr;}else{if(datasetstr!="")this.data+= "&" + datasetstr;}
if(this.data=="")this.data=null;
//this.url += ((this.url.indexof("?") if(this.method=="get" && this.data!=null) this.url += "&" + this.data;
if(this.method=="post") this.headers.push("content-type:application/x-www-form-urlencoded");
if(!this.charset || this.charset=="") this.charset = "gb2312";
};

_smarthttp.prototype.header=function(headstr){
if(headstr.indexof(":")>=0) this.headers.push(headstr);
return this;
};

_smarthttp.prototype.timeout=function(){
if(arguments.length>4){return this;}
for(var i =0;i if(!isnan(arguments[i])){
this.timeout[i] = parseint(arguments[i]);
}
}
return this;
};

_smarthttp.prototype.send=function(){
this.init();
var _http = this.getobj();
if(_http==null){return this;}
try{
_http.settimeouts(this.timeout[0], this.timeout[1], this.timeout[2], this.timeout[3]);
}catch(ex){}
_http.open(this.method,this.url,false);
if(this.headers.length>0){
for(var i=0;i var sindex = this.headers[i].indexof(":");
var key = this.headers[i].substr(0,sindex);
var value = this.headers[i].substr(sindex+1);
_http.setrequestheader(key,value);
}
}
_http.send(this.data);
this.readystate = _http.readystate;
if(_http.readystate==4){
this.status = parseint(_http.status);
this.http = _http;
this.content = _http.responsebody;
}
return this;
}

_smarthttp.prototype.getbinary=function(){
return this.content;
};

_smarthttp.prototype.gettext=function(charset){
try{
return this.b2s(this.content,charset ? charset : this.charset);
}catch(ex){
this.msg = ex.description;
return "";
}
};

_smarthttp.prototype.getjson=function(charset){
try{
var _json=null;
eval("_json=(" + this.gettext(charset) + ");");
return _json;
}catch(ex){
this.msg = ex.description;
return null;
}
};

_smarthttp.prototype.getheader=function(key){
if(key){
if(key.touppercase()=="set-cookie"){
key = key.replace("-","-");
var headers = this.http.getallresponseheaders();
var regexp = new regexp("n" + key + ":(.+?)r","ig");
var resstr = "";
while((res = regexp.exec(headers))!=null){
var val = res[1].trim();
resstr = resstr + val.substr(0,val.indexof(";")) + "; "
}
if(resstr!=""){
resstr = resstr.substr(0,resstr.lastindexof(";"));
}
return resstr;
}else{
return this.http.getresponseheader(key);
}
}else{return this.http.getallresponseheaders();}
};

_smarthttp.prototype.getxml=function(charset){
try{
var _dom = new activexobject("msxml2.domdocument");
_dom.loadxml(this.gettext(charset));
return _dom;
}catch(ex){
this.msg = ex.description;
return null;
}
};
_smarthttp.prototype.getobj = function (){
var b=null;
var httplist = ["msxml2.serverxmlhttp.3.0","msxml2.serverxmlhttp","msxml2.xmlhttp.3.0","msxml2.xmlhttp","microsoft.xmlhttp"];
for(var i = 0;i try{
b= new activexobject(httplist[i]);
(function(o){
_smarthttp.prototype.getobj = function(){return new activexobject(o)};
})(httplist[i]);
return b;
}catch(ex){
eval("this.msg = ex.description;");
}
}
return b;
};

_smarthttp.prototype.getrnd = function (){return math.random().tostring().substr(2);};

_smarthttp.prototype.b2s = function(bytsource, cset){ //ef bb bf,c0 fd
var objstream,c1,c2,c3;
var byts;
objstream =server.createobject("adodb.stream");
objstream.type = 1;
objstream.mode = 3;
objstream.open();
objstream.write(bytsource);
objstream.position = 0;
objstream.type = 2;
objstream.charset = cset;
byts = objstream.readtext();
objstream.close();
objstream = null;
return byts;
};
_smarthttp.prototype.urlencode=function(str){ return encodeuricomponent(str);};
_smarthttp.prototype.urldecode=function(str){ return decodeuricomponent(str);};
string.prototype.trim = function(){return this.replace(/(^(s+)|(s+)$)/igm,"");};

总结
跨域请求，顾名思义，就是一个站点中的资源去访问另外一个不同域名站点上的资源。这种情况很常见，比如说通过 style 标签加载外部样式表文件、通过 img 标签加载外部图片、通过 script 标签加载外部脚本文件、通过 webfont 加载字体文件等等。默认情况下，脚本访问文档属性等数据采用的是同源策略（same origin policy）。

那么，什么是同源策略呢？如果两个页面的协议、域名和端口是完全相同的，那么它们就是同源的。同源策略是为了防止从一个地址加载的文档或脚本访问或者设置从另外一个地址加载的文档的属性。如果两个页面的主域名相同，则还可以通过设置 document.domain 属性将它们认为是同源的