I have two datatables that I am trying to populate with data via a GET request to a flask API. My datasource url is localhost:5000/data but I am unable to get datatables to display the data. When I create a static .txt file, I can get the data to come through. I looked at my GET request and it looks like it is being appended with some sort of event id from jQuery (I am pretty new to this...). I would eventually like to be able to pass a custom argument to the GET request in order to filter the second table based on which row in the first table is clicked on by the user.
我有两个数据表,我试图通过GET请求填充数据到烧瓶API。我的数据源url是localhost:5000 / data但我无法获取数据表来显示数据。当我创建一个静态.txt文件时,我可以获得数据。我查看了我的GET请求,看起来它正在附加来自jQuery的某种事件id(我对此很新...)。我最终希望能够将自定义参数传递给GET请求,以便根据用户单击第一个表中的哪一行来过滤第二个表。
I have experimented with both aaData and sAjaxSource and I cannot get either one to work.
我已经尝试过aaData和sAjaxSource,我无法让任何一个工作。
My JSON object is this form:
我的JSON对象是这种形式:
{
"items": [
{
"column1": "Foo",
"column2": "Bar",
"column3": "1.54"
},
{
"column1": "Blah",
"column2": "Tah",
"column3": "1.54"
}
]
}
Table 1 - I am using a static .txt file and this table displays fine
表1 - 我使用的是静态.txt文件,此表显示正常
$(document).ready(function() {
$('#table1').dataTable( {
"bProcessing": true,
"sAjaxSource": "/thisWorks.txt",
"sAjaxDataProp": "item",
"aoColumns": [
{
"mData": "column1"
},
{
"mData": "column2"
},
{
"mData": "column3"
}
]
} );
$('#example tbody').on('click', 'tr', function () {
var clickId = $('td', this).eq(0).text();
} );
Table 2 - Can't get this one to work
表2 - 无法使这个工作
$('#table2').dataTable( {
"bProcessing": true,
"sAjaxSource": "http://localhost:5000/data?column1=1234",
"sAjaxDataProp": "items",
"aoColumns": [
{ "mData": "column1" },
{ "mData": "column2" },
{ "mData": "column3" }
]
} );
When I look in my chrome console, I see my second Ajax request being interpreted as something like:
当我查看我的chrome控制台时,我看到我的第二个Ajax请求被解释为:
http://localhost:5000/data?column1=1234&_1412145757890
Eventually, I would like to pass the value of clickId from my first table to the Ajax source in my second table so any guidance there would be appreciated.
最后,我想将clickId的值从我的第一个表传递到我的第二个表中的Ajax源,所以任何指导都会受到赞赏。
Thanks!
1 个解决方案
#1
0
The same origin policy is a wholly client-based restriction, and is primarily engineered to protect users, not services. All or most browsers include a command-line switch or configuration option to to turn it off. The SOP is like seat belts in a car: they protect the rider in the car, but anyone can freely choose not to use them. Certainly don't expect a person's seat belt to stop them from getting out of their car and attacking you (or accessing your Web service).
相同的原始策略是完全基于客户端的限制,主要用于保护用户,而不是服务。所有或大多数浏览器都包含一个命令行开关或配置选项,以将其关闭。 SOP就像汽车中的安全带:它们保护车内的骑手,但任何人都可以*选择不使用它们。当然不要指望一个人的安全带阻止他们下车并攻击你(或访问你的网络服务)。
Suppose I write a program that accesses your Web service. It's just a program that sends TCP messages that include HTTP requests. You're asking for a server-side mechanism to distinguish between requests made by my program (which can send anything) and requests made by a browser that has a page loaded from a permitted origin. It simply can't be done; my program can always send a request identical to one formed by a Web page.
假设我编写了一个访问Web服务的程序。它只是一个发送包含HTTP请求的TCP消息的程序。您要求使用服务器端机制来区分我的程序(可以发送任何内容)发出的请求和由允许来源加载页面的浏览器发出的请求。它根本无法完成;我的程序总是可以发送与网页形成的请求相同的请求。
The same-origin policy was invented because it prevents code from one website from accessing credential-restricted content on another site. Ajax requests are by default sent with any auth cookies granted by the target site. For example, suppose I accidentally load http://evil.com/, which sends a request for http://mail.google.com/. If the SOP were not in place, and I was signed into Gmail, the script at evil.com could see my inbox. If the site at evil.com wants to load mail.google.com without my cookies, it can just use a proxy server; the public contents of mail.google.com are not a secret (but the contents of mail.google.com when accessed with my cookies are a secret).
发明了同源策略,因为它阻止来自一个网站的代码访问另一个站点上的凭据限制内容。默认情况下,Ajax请求与目标站点授予的任何auth cookie一起发送。例如,假设我不小心加载http://evil.com/,它会发送http://mail.google.com/的请求。如果SOP没有到位,我登录了Gmail,则evil.com上的脚本可以看到我的收件箱。如果evil.com上的网站想要在没有我的cookie的情况下加载mail.google.com,它可以只使用代理服务器; mail.google.com的公开内容不是秘密(但使用我的cookie访问时,mail.google.com的内容是秘密)。
#1
0
The same origin policy is a wholly client-based restriction, and is primarily engineered to protect users, not services. All or most browsers include a command-line switch or configuration option to to turn it off. The SOP is like seat belts in a car: they protect the rider in the car, but anyone can freely choose not to use them. Certainly don't expect a person's seat belt to stop them from getting out of their car and attacking you (or accessing your Web service).
相同的原始策略是完全基于客户端的限制,主要用于保护用户,而不是服务。所有或大多数浏览器都包含一个命令行开关或配置选项,以将其关闭。 SOP就像汽车中的安全带:它们保护车内的骑手,但任何人都可以*选择不使用它们。当然不要指望一个人的安全带阻止他们下车并攻击你(或访问你的网络服务)。
Suppose I write a program that accesses your Web service. It's just a program that sends TCP messages that include HTTP requests. You're asking for a server-side mechanism to distinguish between requests made by my program (which can send anything) and requests made by a browser that has a page loaded from a permitted origin. It simply can't be done; my program can always send a request identical to one formed by a Web page.
假设我编写了一个访问Web服务的程序。它只是一个发送包含HTTP请求的TCP消息的程序。您要求使用服务器端机制来区分我的程序(可以发送任何内容)发出的请求和由允许来源加载页面的浏览器发出的请求。它根本无法完成;我的程序总是可以发送与网页形成的请求相同的请求。
The same-origin policy was invented because it prevents code from one website from accessing credential-restricted content on another site. Ajax requests are by default sent with any auth cookies granted by the target site. For example, suppose I accidentally load http://evil.com/, which sends a request for http://mail.google.com/. If the SOP were not in place, and I was signed into Gmail, the script at evil.com could see my inbox. If the site at evil.com wants to load mail.google.com without my cookies, it can just use a proxy server; the public contents of mail.google.com are not a secret (but the contents of mail.google.com when accessed with my cookies are a secret).
发明了同源策略,因为它阻止来自一个网站的代码访问另一个站点上的凭据限制内容。默认情况下,Ajax请求与目标站点授予的任何auth cookie一起发送。例如,假设我不小心加载http://evil.com/,它会发送http://mail.google.com/的请求。如果SOP没有到位,我登录了Gmail,则evil.com上的脚本可以看到我的收件箱。如果evil.com上的网站想要在没有我的cookie的情况下加载mail.google.com,它可以只使用代理服务器; mail.google.com的公开内容不是秘密(但使用我的cookie访问时,mail.google.com的内容是秘密)。