All the ways to solve cross-domain Issue in Web
The word cross-domain Issue is sticking to every Front-end developer like a piece of dog skin plaster, no matter you inevitably encounter this problem at work or in the interview. In order to cope with the interview, I casually recite several plans every time. Now let me summarize all the ways to solve cross-domain issue.
To solve cross-domain issue, you need to know why we have cross-domain issue
Simply this is because browser same-origin policy. What is same-origin policy?
The same-origin policy is a critical security mechanism that restricts how a document or script loaded from one origin can interact with a resource from another origin. It helps isolate potentially malicious documents, reducing possible attack vectors.
You can check more information about same-origin policy.
The risk without same-origin policy
Assume you are logged into Facebook and visit a malicious website A in another browser tab. Without the same origin policy JavaScript on website A could do anything to your Facebook account that you are allowed to do. For example read private messages, post status updates, analyse the HTML DOM-tree after you entered your password before submitting the form.
But of course Facebook wants to use JavaScript to enhance the user experience. So it is important that the browser can detect that this JavaScript is trusted to access Facebook resources. That’s where the same origin policy comes into play: If JavaScript is included from a HTML page on facebook.com, it may access facebook.com resources.
Now replace Facebook with your online banking website, and it will be obvious that this is an issue.
The right way to solve cross-domain
See solutions in below article.
