javascript - Why don't I get a 'same origin policy' warning when using the Google Maps API?

Question

Welcome To Ask or Share your Answers For Others

javascript - Why don't I get a 'same origin policy' warning when using the Google Maps API?

posted Oct 17, 2021 in Technique[技术] by 深蓝 (71.8m points)

javascript - Why don't I get a 'same origin policy' warning when using the Google Maps API?

I'm making a RESTful web service call in my JavaScript page and get the following warning:

"This page is accessing information that is not under its control. This poses a security risk. Do you want to continue?"

Now I've read up on this and am aware of the cross-domain, same origin policy. However, I don't get such warnings when I consume other APIs like Google's Maps API. Clearly the domain is not the same as my local domain. What is the difference?

My initial guess is that Google is 'imported' into the page using the <script> tag while my REST consumption is using XMLHttpRequest. IF that is the case, what is the difference between these two approaches that one would merit a warning and the other not?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙；凝视深渊过久,深渊将回以凝视…

1 Reply

深蓝 · Answer 1 · 2021-10-17T01:38:22+0000

The following might explain things: http://markmail.org/message/5wrphjwmo365pajy

Also, they employ some script hacks (e.g. inserting a script into the DOM to get requested data, instead of XHR).

Categories

javascript - Why don't I get a 'same origin policy' warning when using the Google Maps API?

javascript - Why don't I get a 'same origin policy' warning when using the Google Maps API?

Please log in or register to add a comment.

Please log in or register to reply this article.

1 Reply

Please log in or register to add a comment.

Just Browsing Browsing

Most popular tags