如何在ajax测试后提交表单而不出现XSS错误?
用户完成并尝试提交表单后,我想查询服务器以查看用户是否经过身份验证。如果没有,我想弹出一个登录窗口,该窗口将在登录后关闭,使表单数据不受干扰并准备提交。
问题是,如果用户登录,我想调用 form.submit(),但由于这是来自回调,所以它会给出 XSS 错误。有更好的办法吗?这是我尝试过的:
function submitForm(form) { form.submit();}
$("#myForm").submit(function () {
var thisForm = this;
$.getJSON("/url/login_check/", function(data) {
if (data.loggedIn === true) {
submitForm(thisForm);
}
else {
// display login popup
}
});
return false;
});
After a user completes and attempts to submit a form, I'd like to query the server to see whether the user is authenticated. If not, I'd like to pop up a login window which will be closed after logging in leaving the form data undisturbed and ready for submission.
The problem is that, if the user is logged in, I want to call form.submit(), but since that is from a callback, it gives an XSS error. Is there a better way? Here is what I have tried:
function submitForm(form) { form.submit();}
$("#myForm").submit(function () {
var thisForm = this;
$.getJSON("/url/login_check/", function(data) {
if (data.loggedIn === true) {
submitForm(thisForm);
}
else {
// display login popup
}
});
return false;
});
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您收到 XSS 错误,因为您尝试将 JSON 请求发送到其他域,但您无法执行此操作。
您可能需要做的是发送 JSONP 请求(假设您的身份验证服务器支持它们)。这允许您将数据发送到远程域并处理响应。
You're getting an XSS error because you're trying to send a JSON request to a different domain which you cannot do.
What you probably need to do is to send a JSONP request (assuming your authentication server supports them). This allows you to send data to a remote domain and process the response.