0

我正在尝试创建一个连接到此 Web 服务的基本 HTML 页面: http ://wsf.cdyne.com/WeatherWS/Weather.asmx 经过数小时修补教程和代码示例后,我完全不知所措为什么这不起作用。(我的请求收到 404,或者根本没有状态..)这是扩展演示的一部分,该演示已经使用 Soap 连接到类似的 Web 服务,教授的示例与好..

我的代码如下:

xmlHttpObj.open("POST", "http://wsf.cdyne.com/WeatherWS/Weather.asmx", true);
xmlHttpObj.setRequestHeader("Content-Type", "text/xml");
xmlHttpObj.setRequestHeader("SOAPAction", "http://ws.cdyne.com/WeatherWS/GetCityForecastByZIP");

var envelope = '<?xml version="1.0" encoding="utf-8"?> \n' +
               '<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"' +
               ' xmlns:xsd="http://www.w3.org/2001/XMLSchema"' +
               ' xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">' +
               '   <soap:Body> \n' +
               '       <GetCityForecastByZIP xmlns="http://ws.cdyne.com/WeatherWS/"> \n' +
               '           <ZIP>' + selectedZip + '</ZIP> \n' +
               '       </GetCityForecastByZIP> \n' +
               '   </soap:Body> \n' +
               '</soap:Envelope> ';

xmlHttpObj.onreadystatechange = UseResultsCallBack;
xmlHttpObj.send(envelope);

xmlHttpObj是一个有效的 xmlHttpRequest 对象,并且selectedZip是一个邮政编码。这都是客户端代码,所以可能存在某种跨域问题,但我不认为这是这种情况下的问题......

4

1 回答 1

1

根据您的评论(其中包括您的问题中未包含的非常重要的信息),您似乎正在尝试执行跨域 ajax 请求。这是不允许的。仅wsf.cdyne.com允许来自的页面向wsf.cdyne.com. 甚至页面表单cdyne.com也被阻止进行 ajax 调用,wsf.cdyne.com因为浏览器认为它是一个不同的域。

有两种解决方法。第一个是现代解决方案:CORS(跨源资源共享)。这需要wsf.cdyne.com网站授予您的页面/站点访问其数据的权限。他们可以通过将Access-Control-Allow-Origin标头添加到其 HTTP 响应来做到这一点。如果不进行此修改,您将无能为力。有了这个修改,您不需要做任何特别的事情,只需进行常规的 ajax 调用,浏览器就会与他们的站点进行协商。我再次强调,这不是你需要做的事情。这是wsf.cdyne.com管理员需要做的事情。所以联系他们的管理员。

但是,CORS 协议可能对您帮助不大。这是因为大多数浏览器都对让您破坏同源策略设置了严格的限制。例如,尽管 W3C 规范允许*每个人都可以向站点发出 ajax 请求的源,但出于安全原因,某些浏览器不支持它。此外,即使*可能受支持,某些浏览器也不允许本地托管文件(即未托管在服务器上的页面)使用 CORS。有些甚至更严格地要求服务器有一个域名,而不仅仅是一个 IP 地址。

有关 CORS 的更多信息,请参阅以下链接:

  1. https://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS

  2. 跨域ajax

The second workaround is the more traditional method. What is preventing you from making the request is the web browser. Programming languages like javascript, Perl, PHP, C and Java don't have such restrictions. So the solution is obvious: don't make the request from the browser. Proxy it to your server.

Remember, the proxy script written in whatever language you choose must be hosted on the same domain as your web page. Again, that means that it doesn't work with local files. But getting a minimal web server running on your local machine shouldn't be too difficult.

The proxying doesn't even need to be on a server. YUI for example uses a Flash applet to proxy cross domain request. You can try it with Java too if I'm not mistaken. But both Flash and Java have started to close down security vulnerabilities of late so this situation may not last forever. Not to mention vendors starting to abandon both technologies.

The best bet, to me, is to simply run a web server and write a proxy script for the page you want to make the ajax request to. Be warned: do not write a generic proxy script. Spammers and bot net operators are on constant lookout for open web proxies to cover their tracks.

于 2013-03-18T15:33:13.487 回答