我必须使用以下代码从 iframe 中的页面注销
//The javascript code is in a page in my-domain
//it tries to logout from the page in other-domain
$(window).unload(function()
{
if ($.browser.msie && window.XDomainRequest) // IE
{
var xdr = new XDomainRequest();
if (xdr)
{
xdr.onerror = function(){alert("XDR onerror");};
xdr.ontimeout = function(){alert("XDR timeout");};
xdr.onprogress = function(){alert("XDR onprogress");};
xdr.onload = function(){alert("XDR onload");};
xdr.timeout = 5000;
xdr.open("GET", 'http://other-domain/.../j_spring_security_logout');
alert("before send");
xdr.send();
alert("after send");
}
else
alert('Failed to create new XDR object.');
}
else // firefox
$.getJSON( 'http://other-domain/.../j_spring_security_logout?callback=?', null);
});
但是,我在 IE8 中按以下顺序获取更改框:“发送前”、“XDR onerror”、“发送后”。
我在服务器端有以下代码
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "GET,POST,OPTIONS");
response.setHeader("Access-Control-Max-Age", "360");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
chain.doFilter(req, res);
}
在我使用 $.getJSON 和 response.setHeader("Access-Control-Allow-Origin", "*") 等之后,我可以验证注销是否适用于 Firefox;但是,当我使用 IE 时它不会注销。
然后我在网上找到了这条评论:
"For cross-domain, IE requires you to use XDomainRequest instead of XMLHttpRequest.
jQuery doesn't do it so you have to do it manually:"
所以我添加了 XDomainRequest。但是,我在 IE8 中收到了警告对话框“XDR onerror”。我应该添加什么才能在 IE 中进行跨域调用?