JSON Request - Access to restricted URI denied

[dyerrington]

When I try to grab json from a remote host using a different domain
then the one used by the client, I get a message in the error console
complaining about permissions. When I try to reference it from the
same domain, no problems.

My questions are:

1) Is it possible to implement a cross domain JSON request?
2) Is there a better way to achieve the same functionality that's
implied with my example below?

--------------------

The error messages:

1) Security Error: Content at http://wwwtest.server/widgets/concept.html
may not load data from http://wwwproduction.server/widgets/json_wrapper.php?request_type=lyrics&query=mike.

2) Error: [Exception... "Access to restricted URI denied" code:
"1012" nsresult: "0x805303f4 (NS_ERROR_DOM_BAD_URI)" location:
"http://the_location_of_mootools_corefile"... etc.


My JS:

window.addEvent('domready', function() {

function json_request(e) {

var uri = "http://remote_url_with_different_domain";
new Request.JSON({url: uri, onComplete: function(j)
{alert(j);} }).send();
}

$('gn_submit').addEvent('click', function(e) {
json_request(e);
return false;
});

});


Also, I've tried this example from the docs with and without the same
domain:

http://docs.mootools.net/Request/Request.JSON


Any advice appreciated. Thanks in advance.

-Dave

[Tim E]

It's not possible to implement a crossdomain ajax call, you can only
use relative urls, without the http://.

On 19 aug, 02:31, dyerrington <david.yerring...@gmail.com> wrote:
> When I try to grab json from a remote host using a different domain
> then the one used by the client, I get a message in the error console
> complaining about permissions.  When I try to reference it from the
> same domain, no problems.
>
> My questions are:
>
>    1)  Is it possible to implement a cross domain JSON request?
>    2)  Is there a better way to achieve the same functionality that's
> implied with my example below?
>
> --------------------
>
> The error messages:
>

> 1) Security Error: Content athttp://wwwtest.server/widgets/concept.html
> may not load data fromhttp://wwwproduction.server/widgets/json_wrapper.php?request_type=lyr....

[Paradox Alireza !]

simple way is
open socket to your url and request to your socket

Example
var uri = "Soucket/Handler.apx?req=http://
remote_url_with_different_domain";

Handler response your target url

On Aug 19, 4:31 am, dyerrington <david.yerring...@gmail.com> wrote:
> When I try to grab json from a remote host using a different domain
> then the one used by the client, I get a message in the error console
> complaining about permissions.  When I try to reference it from the
> same domain, no problems.
>
> My questions are:
>
>    1)  Is it possible to implement a cross domain JSON request?
>    2)  Is there a better way to achieve the same functionality that's
> implied with my example below?
>
> --------------------
>
> The error messages:
>

> 1) Security Error: Content athttp://wwwtest.server/widgets/concept.html
> may not load data fromhttp://wwwproduction.server/widgets/json_wrapper.php?request_type=lyr....

[dyerrington]

Right, I get the whole "single trusted source" control instated in
Javascript. I was under the impression that Mootools JSON/Request
functionality could get around it. I recall seeing older Mootools
docs reference an older JSON.remote call or similar. That doesn't
seem to be in the latest docs or core anymore.

In any case I've concoccted a workaround that is sorta hackish.
Basically, I modified my backend script to produce a new text/
javascript content type header and output a string that looks kinda
like this:

<?php

echo 'var jsondata = '.json_encode($array).';';

?>

Outputs:

var JSONdata = {key:data, key:data, etc...};



Then I created a JS method that writes a new script tag which source
points to my backend script:

function loadJSON(term) {
document.write('http://remote.host.with.different.domain/backend?
fragment=' + term + '&var=value&etc..' );
}

From there I have everything I need inside the JSONdata var.
Conceptually, this is the direction I've taken and seems successful.
It may not be the best route but given the amount of time I have to
finish my project, it works.

-Dave

[dyerrington]

I left out the script tags. Quick edit to my JS function:

function loadJSON(term) {
document.write('<script src="http://
remote.host.with.different.domain/backend?
fragment=' + term + '&var=value&etc.."></script>' );

[Alan Chandler]

On Tuesday 19 Aug 2008, dyerrington wrote:
> When I try to grab json from a remote host using a different domain
> then the one used by the client, I get a message in the error console
> complaining about permissions. When I try to reference it from the
> same domain, no problems.
>
> My questions are:
>
> 1) Is it possible to implement a cross domain JSON request?
> 2) Is there a better way to achieve the same functionality that's
> implied with my example below?

Have you tried using mod_rewrite at the web server end to do the domain
change for you.

You should be able to put mod_rewrite rules in your .htaccess file I
think mod_proxy in Apache can do it too.

--
Alan Chandler
http://www.chandlerfamily.org.uk

[Michelle Steigerwalt]

JSON.Remote is just the old name for Request.JSON. It didn't have any
functionality in regard to cross-domain requests that Request.JSON
doesn't have in 1.2.

To do a cross-domain JSON request, take a look at solutions such as
json-p. A quick Google search on the topic should put you on the
right track. Good luck!

-- Michelle Steigerwalt