以下是您需要做的:JSONP。
由于上述政策,您无法向雅虎发送AJAX请求,但有解决方法。即脚本标签,它可以向任何地方发出请求。
例如,假设您想在用户点击“GO”按钮时向yahoo发送请求。您需要添加事件处理函数来捕获用户的单击事件,然后向DOM的头部添加新的脚本标记。脚本代码的网址是很重要的,它必须有一个回调PARAM在里面,例如:
http://helloasdf.cloudfoundry.com/get.tokens?callback=xss
注意回调可以是任意函数名。回应将是:
xss(["asdf"])
这意味着您的代码中的xss函数将被传递[“asdf”]。
或w /雅虎的API;
http://d.yimg.com/autoc.finance.yahoo.com/autoc?query=GS&callback=YAHOO.Finance.SymbolSuggest.ssCallback
通知回调= YAHOO.Finance.SymbolSuggest.ssCallback它会调用该函数时,请求返回:
YAHOO.Finance.SymbolSuggest.ssCallback({"ResultSet":{"Query":"gs","Result":[{"symbol":"GS","name": "The Goldman Sachs Group, Inc.","exch": "NYQ","type": "S","exchDisp":"NYSE","typeDisp":"Equity"},{"symbol":"^GSPC","name": "S&P 500 INDEX,RTH","exch": "SNP","type": "I","typeDisp":"Index"},{"symbol":"GSS","name": "Golden Star Resources, Ltd.","exch": "ASE","type": "S","exchDisp":"AMEX","typeDisp":"Equity"},{"symbol":"^GSPTSE","name": "S&P/TSX Composite index (Interi","exch": "TOR","type": "I","exchDisp":"Toronto","typeDisp":"Index"},{"symbol":"GSK","name": "GlaxoSmithKline plc","exch": "NYQ","type": "S","exchDisp":"NYSE","typeDisp":"Equity"},{"symbol":"GSX","name": "Gasco Energy Inc.","exch": "ASE","type": "S","exchDisp":"AMEX","typeDisp":"Equity"},{"symbol":"OIL","name": "iPath S&P GSCI Crude Oil TR Index ETN","exch": "PCX","type": "E","typeDisp":"ETF"},{"symbol":"GSIC","name": "GSI Commerce Inc.","exch": "NMS","type": "S","exchDisp":"NASDAQ","typeDisp":"Equity"},{"symbol":"GST","name": "Gastar Exploration, Ltd.","exch": "ASE","type": "S","exchDisp":"AMEX","typeDisp":"Equity"},{"symbol":"GSI","name": "General Steel Holdings, Inc.","exch": "NYQ","type": "S","exchDisp":"NYSE","typeDisp":"Equity"}]}})
以下是你需要动态地添加了JS的例子脚本标签:
var headLoc = document.getElementsByTagName("head").item(0);
var scriptObj = document.createElement("script");
var token="localstring"
var url="http://helloasdf.cloudfoundry.com/get.tokens?callback=xssCallback";
// Add script object attributes
scriptObj.setAttribute("type", "text/javascript");
scriptObj.setAttribute("charset", "utf-8");
scriptObj.setAttribute("src", url);
scriptObj.setAttribute("id", 'asf12');
headLoc.appendChild(scriptObj);
我更这里记录的过程:http://eggie5.com/22-circumvent-same-origin-policy
现代浏览器可防止跨源AJAX调用。参见:http://www.w3.org/TR/cors/ – 2011-05-03 14:36:48