Can some body explain what is cross domain request / cross domain attacks / cross domain protocols with respect the ajax terminology.
一些人能解释什么是跨域请求/跨域攻击/跨域协议与ajax术语相关吗?
1 个解决方案
#1
10
Cross domain request: Requesting content from another host, than where the website is hosted. For example site hosted at google loads a facebook icon from facebook domain.
跨域请求:请求来自另一个主机的内容,而不是网站所在的位置。例如,托管在谷歌的站点从facebook域加载facebook图标。
Cross domain attack: I think there are whole books about these, but basically: The domain making the request cannot verify the content retrieved from another host, so it can be modified. Other usual is sending a login form or some other form from another domain instead of the actual login page. Badly designed interface could let you log in or retrieve sensitive data.
跨域攻击:我认为有很多关于这些的书籍,但基本上:发出请求的域无法验证从另一个主机检索到的内容,因此可以对其进行修改。其他的通常是从另一个域发送一个登录表单或其他表单,而不是实际的登录页面。设计糟糕的接口可以让您登录或检索敏感数据。
I'm not sure about Ajax protocols.
我不确定Ajax协议。
#1
10
Cross domain request: Requesting content from another host, than where the website is hosted. For example site hosted at google loads a facebook icon from facebook domain.
跨域请求:请求来自另一个主机的内容,而不是网站所在的位置。例如,托管在谷歌的站点从facebook域加载facebook图标。
Cross domain attack: I think there are whole books about these, but basically: The domain making the request cannot verify the content retrieved from another host, so it can be modified. Other usual is sending a login form or some other form from another domain instead of the actual login page. Badly designed interface could let you log in or retrieve sensitive data.
跨域攻击:我认为有很多关于这些的书籍,但基本上:发出请求的域无法验证从另一个主机检索到的内容,因此可以对其进行修改。其他的通常是从另一个域发送一个登录表单或其他表单,而不是实际的登录页面。设计糟糕的接口可以让您登录或检索敏感数据。
I'm not sure about Ajax protocols.
我不确定Ajax协议。