first post here. I have what I think is a security-related question, but I'm honestly not sure.
第一篇文章在这里。我有一个我认为与安全有关的问题,但我真的不确定。
I'm building a mobile app using PhoneGap (basically an HTML page with jQuery/CSS). I have a call out to a .asmx webservice, like so:
我正在构建一个使用PhoneGap(基本上是一个带有jQuery/CSS的HTML页面)的移动应用程序。我给。asmx网络服务打了个电话,就像这样:
$.ajax({
type: "POST",
url: "http://mydomain.com/customPage.asmx/LoginMember",
data: memberData,
contentType: "application/json; charset=utf-8",
dataType: "json",
success: function(msg) {
alert("This is my message: " + msg);
},
error: authenticateFailed
});
When I test this using my desktop (Mac, Safari), the call is successful. My 'msg' variable contains some string-formatted XML. All good. Here's what my alert shows when the call is successful and data exists:
当我使用我的桌面(Mac, Safari)进行测试时,调用成功了。我的“msg”变量包含一些字符串格式的XML。所有的好。当调用成功且数据存在时,我的警告显示如下:
<User><Membership><Item>MemberLoginStatus</Item><Type>XML</Type><Status>1</Status><Description>Succeeded</Description></Membership></User>
But when I take the same code and move it onto my device (iPhone, PhoneGap), something else happens. The call is still successful and my success function fires, but my 'msg' variable has no data. I get this alert: "This is my message: null"
但是当我把同样的代码移到我的设备上(iPhone, PhoneGap)时,就会发生别的事情。调用仍然成功,我的success函数触发,但是我的“msg”变量没有数据。我得到这个警告:“这是我的消息:null”
I've tried researching this, but can't seem to pinpoint what the actual source of the problem could be. I don't think it's my code, but am unsure whether it's an issue with jQuery, PhoneGap, or something else entirely.
我试过研究这个问题,但似乎无法确定问题的真正来源。我不认为这是我的代码,但我不确定这是jQuery、PhoneGap还是其他什么东西的问题。
As of now, my best guess is it's some kind of security issue. I noticed that when I test in Chrome, I get the same 'null' response as I do on my device. Could this possibly be due to the "Same Origin Policy?"
到目前为止,我认为这是某种安全问题。我注意到,当我在Chrome中进行测试时,我得到的响应与我在设备上做的相同。这可能是因为“同源政策”吗?
I've tried posting my question to the PhoneGap Google Group, the jQuery Forum, and haven't had much love. I would greatly appreciate any thoughts/advice, and am hoping someone else here has encountered this type of behavior before.
我试着把我的问题提交给PhoneGap谷歌Group, jQuery论坛,并没有太多的爱。我将非常感谢您的任何想法/建议,我希望这里的其他人以前遇到过这种行为。
Thanks! -Felix
谢谢!费利克斯
//Edit: Fixed url typo. Added successful response data.
/ /编辑:固定url输入错误。添加成功的响应数据。
2 个解决方案
#1
2
In your code you're missing the begging quote for your url property.
在您的代码中,您丢失了url属性的请求报价。
Assuming that's just a typo, have you tried switching User Agents in your desktop safari? (Must enable the Developer Menu item). Switch your User Agent to "iPhone" and see if you get the null response.
假设这只是一个输入错误,你试过在你的桌面safari中切换用户代理吗?(必须启用开发人员菜单项)。将用户代理切换到“iPhone”,看看是否得到空响应。
#2
2
Ok, so the issue is that I'm an idiot. The domain I was testing on was a subdomain and on top of that... it's not a public site. I have the IP address in my hosts file on my machine, but (of course) not on my iPhone.
问题是我是个白痴。我测试的域是一个子域,在它之上…它不是一个公共场所。我的主机上有IP地址,但是(当然)我的iPhone上没有。
When I tried testing on a different/public site we have here... I now see data on my device.
当我尝试在我们这里的另一个/公共站点上进行测试时……我现在在我的设备上看到数据。
Thanks so much Haochi and typeof, for your prompt and multiple replies. Out of all the other sites where I posted my question, you guys were incredibly quick with posting up some thoughts. In particular, it was typeof's question about the domain that got me thinking and realizing where the error came from.
非常感谢Haochi和typeof,感谢您的提示和多次回复。在我发布我的问题的所有其他网站中,你们发布一些想法的速度快得令人难以置信。尤其是typeof关于领域的问题让我思考并意识到错误从何而来。
I now feel like I've been trying to use my key to get into my house... and I've been standing in front of the wrong house. Incredibly embarrassing. But I see data now, and that's all that matters.
我现在觉得我一直在试图用我的钥匙进入我的房子……我站错房子了。非常尴尬。但我现在看到的是数据,这才是最重要的。
Thanks again!
再次感谢!
#1
2
In your code you're missing the begging quote for your url property.
在您的代码中,您丢失了url属性的请求报价。
Assuming that's just a typo, have you tried switching User Agents in your desktop safari? (Must enable the Developer Menu item). Switch your User Agent to "iPhone" and see if you get the null response.
假设这只是一个输入错误,你试过在你的桌面safari中切换用户代理吗?(必须启用开发人员菜单项)。将用户代理切换到“iPhone”,看看是否得到空响应。
#2
2
Ok, so the issue is that I'm an idiot. The domain I was testing on was a subdomain and on top of that... it's not a public site. I have the IP address in my hosts file on my machine, but (of course) not on my iPhone.
问题是我是个白痴。我测试的域是一个子域,在它之上…它不是一个公共场所。我的主机上有IP地址,但是(当然)我的iPhone上没有。
When I tried testing on a different/public site we have here... I now see data on my device.
当我尝试在我们这里的另一个/公共站点上进行测试时……我现在在我的设备上看到数据。
Thanks so much Haochi and typeof, for your prompt and multiple replies. Out of all the other sites where I posted my question, you guys were incredibly quick with posting up some thoughts. In particular, it was typeof's question about the domain that got me thinking and realizing where the error came from.
非常感谢Haochi和typeof,感谢您的提示和多次回复。在我发布我的问题的所有其他网站中,你们发布一些想法的速度快得令人难以置信。尤其是typeof关于领域的问题让我思考并意识到错误从何而来。
I now feel like I've been trying to use my key to get into my house... and I've been standing in front of the wrong house. Incredibly embarrassing. But I see data now, and that's all that matters.
我现在觉得我一直在试图用我的钥匙进入我的房子……我站错房子了。非常尴尬。但我现在看到的是数据,这才是最重要的。
Thanks again!
再次感谢!