我可以向XMLHttpRequest添加P3P响应头吗?

时间:2014-12-15 16:10:19

标签: javascript jquery ajax cookies ajaxcontroltoolkit

我在我的代码中使用了AjaxFileUpload插件,但ie8和ie10没有将POST上的请求头中的Cookie发送到AjaxFileUploadHandler.axd。我看到ie8底部的“eye”图标,看到AjaxFileUploadHandler.axd是“blobked”,所以不发送cookie是故意的。我在我自己的web.config中有以下标记,但问题是AjaxFileUpload的脚本是从dll中提取的,所以即使使用这个AjaxFileUploadHandler仍然“被阻止”。我将源代码下载到AjaxControlToolkit,它为项目创建了dll,现在我试图找到我可以添加P3P头的位置,以便即可。我在工具包的代码中看到了XMLHttpRequest(),有没有办法将这个P3P头添加到它来满足ie?

编辑:解决方法是注释掉iframe.security =“restricted”;我更新了以下代码。

<httpProtocol>
  <customHeaders>
    <add name="P3P" value='CP="Potato"'/>
  </customHeaders>
</httpProtocol>

特别是这个问题与工具包使用的iframe有关。有没有办法将P3P添加到iFrame?

    this.createIFrame = function() {

    var name = this._iframeName,
        iframe = document.createElement("IFRAME");

    iframe.width = "0";
    iframe.height = "0";
    iframe.style.display = "none";
    iframe.src = "about:blank";
    //iframe.src = "javascript:'<script>window.onload=function(){document.write(\\'<script>document.domain=\\\"" + document.domain + "\\\";<\\\\/script>\\');document.close();};<\/script>'";
    iframe.id = name;
    iframe.name = name;
    //iframe.security = "restricted";
    document.body.appendChild(iframe);
    iframe.contentWindow.name = name;
    $addHandlers(iframe, {
        load: Function.createDelegate(this, this.onIFrameLoadedHandler)
    });

    this._iframe = iframe;
};

this.onIFrameLoadedHandler = function (e) {
    /// <summary>
    /// Event handler to capture when iframe receive response from server.
    /// </summary>
    /// <param name="e"></param>

    if (!control._currentFileId)
        return;

    try {

        var iframe = this._iframe, doc = null;

        // Only test the iframe data, exception should thrown if something went wrong.
        if (iframe.contentDocument)
            // Firefox, Opera
            doc = iframe.contentDocument;
        else if (iframe.contentWindow)
            // Internet Explorer
            doc = iframe.contentWindow.document;
        else if (iframe.document)
            // Others?
            doc = iframe.document;

        if (doc == null)
            throw "Document not initialized";

        // finalizing and upload next file
        control.doneAndUploadNextFile(control.getCurrentFileItem());

    } catch (e) {

        // Cancelation / aborting upload can causing 'Access is denied' or 'Permission denied' on IE 9 bellow,
        // let's consider this exception is not trully error exception from server.
        if (!control._canceled || !(e.message && (e.message.indexOf("Access is denied") > -1 || e.message.indexOf("Permission denied") > -1))) {
            this.raiseUploadError(e);
            throw e;
        }
    } 
};

1 个答案:

答案 0 :(得分:0)

解决这个问题的方法是删除一条小行:

iframe.security = "restricted";

将该行保留在那里使ie处理iframe与用户的网站具有相同的安全级别&#34;受限制的&#34;列表。

相关问题
最新问题