javascript widget (using prototypejs)
14 views
Skip to first unread message
Rama
Sep 16, 2008, 1:34:51 PM9/16/08
to Prototype & script.aculo.us
hi,
i have developed a widget/badge in javasript. (using prototypejs)
It is working well on my own site. but when placed on other
domains AJAX(XHR) requests are not working porperly.
Can anyone please guide us on why the ajax(XHR) calls/requests are
not working when placed on other doman.
Regards
rama
i have developed a widget/badge in javasript. (using prototypejs)
It is working well on my own site. but when placed on other
domains AJAX(XHR) requests are not working porperly.
Can anyone please guide us on why the ajax(XHR) calls/requests are
not working when placed on other doman.
Regards
rama
Diodeus
Sep 16, 2008, 3:23:30 PM9/16/08
to Prototype & script.aculo.us
Assuming you are attempting to make an Ajax call to a server that is
not in your web page's domain, it is a deliberate security restriction
in the browser designed to prevent cross-site scripting (XSS) attacks.
not in your web page's domain, it is a deliberate security restriction
in the browser designed to prevent cross-site scripting (XSS) attacks.
Hector Virgen
Sep 16, 2008, 4:19:58 PM9/16/08
to prototype-s...@googlegroups.com
The script that is making the ajax request has to be on the same domain where the ajax response is coming from. So just keep your script on your server and use a wrapper function from the other domain that calls your script residing on your domain.
Rama
Sep 16, 2008, 7:38:46 PM9/16/08
to Prototype & script.aculo.us
iam not violating the same origin policy that which the browers
follow.
Scenario1 ) Script is loading from mydomain.com,script is
residing on the same mydomain.com
in this case everything is working fine.
Scnario2) Script is loading from mydomain.com, script is residing on
other domain say xyza.com
Even though script is residing on xyza.com
the script downloaded form mydomain.com is making calls
Ajax calls (XHR request/response) to only mydomain.com
in the above case it is still not violating th same
ORgin policy.
in the second scenario also it should work
correctly.but it is not working ...............
i could not able to figure it out the mistake that iam
doing.
follow.
Scenario1 ) Script is loading from mydomain.com,script is
residing on the same mydomain.com
in this case everything is working fine.
Scnario2) Script is loading from mydomain.com, script is residing on
other domain say xyza.com
Even though script is residing on xyza.com
the script downloaded form mydomain.com is making calls
Ajax calls (XHR request/response) to only mydomain.com
in the above case it is still not violating th same
ORgin policy.
in the second scenario also it should work
correctly.but it is not working ...............
i could not able to figure it out the mistake that iam
doing.
Diogo Neves
Sep 16, 2008, 7:49:28 PM9/16/08
to prototype-s...@googlegroups.com
Hi,
On Wed, Sep 17, 2008 at 12:38 AM, Rama <ramaak...@gmail.com> wrote:
iam not violating the same origin policy that which the browers
follow.
Scenario1 ) Script is loading from mydomain.com,script is
residing on the same mydomain.com
in this case everything is working fine.
Scnario2) Script is loading from mydomain.com, script is residing on
other domain say xyza.com
Even though script is residing on xyza.com
the script downloaded form mydomain.com is making calls
Ajax calls (XHR request/response) to only mydomain.com
in the above case it is still not violating th same
ORgin policy.
Wrong... the domain of the webpage is what counts, not the script domain...
But u can always use the appendChild tecnique...
in the second scenario also it should work
correctly.but it is not working ...............
i could not able to figure it out the mistake that iam
doing.
On Sep 17, 12:23 am, Diodeus <diod...@gmail.com> wrote:
> Assuming you are attempting to make an Ajax call to a server that is
> not in your web page's domain, it is a deliberate security restriction
> in the browser designed to prevent cross-site scripting (XSS) attacks.
>
> On Sep 16, 1:34 pm, Rama <ramaakrish...@gmail.com> wrote:
>
> > hi,
>
> > i have developed a widget/badge in javasript. (using prototypejs)
>
> > It is working well on my own site. but when placed on other
> > domains AJAX(XHR) requests are not working porperly.
>
> > Can anyone please guide us on why the ajax(XHR) calls/requests are
> > not working when placed on other doman.
>
> > Regards
> > rama
--
Thanks,
Diogo Neves
Web Developer @ SAPO.pt by PrimeIT.pt
Rama
Sep 17, 2008, 8:07:42 AM9/17/08
to Prototype & script.aculo.us
ok understood.
then how can we make AJAX (XHR) calls to other domain ?
Is it actually possible?
Regards
rama
then how can we make AJAX (XHR) calls to other domain ?
Is it actually possible?
Regards
rama
bluezehn
Sep 17, 2008, 8:46:18 AM9/17/08
to Prototype & script.aculo.us
A suggestion: make them to your domain, then have a server side script
on the same domain which uses something akin to php's curllib to make
a request to another server and return that server's response. I don't
know any other way in which this is possible.
on the same domain which uses something akin to php's curllib to make
a request to another server and return that server's response. I don't
know any other way in which this is possible.
Rama
Sep 17, 2008, 9:30:52 AM9/17/08
to Prototype & script.aculo.us
ok.
The above solution works when javascript is on my domain.
((in javascript) instead of cross domain i will interact with my
server , the server will fetch that page)
But what to do when iam placing the javascript from mydomain.com in
another domain say xyz.com where the javascript loaded from
mydomain.com on a page at xyz.com wants to interact with the
mydomain.com server.
in those case How should we do cross domain Ajax (or XHR calls)?
(the above scenario is occurring for me while building a small widget
(javascript based) which any websites can put on their page )).where
iam actually planning to bring data for the widget by calling AJAX./
XHR call to my server.
regards
rama
The above solution works when javascript is on my domain.
((in javascript) instead of cross domain i will interact with my
server , the server will fetch that page)
But what to do when iam placing the javascript from mydomain.com in
another domain say xyz.com where the javascript loaded from
mydomain.com on a page at xyz.com wants to interact with the
mydomain.com server.
in those case How should we do cross domain Ajax (or XHR calls)?
(the above scenario is occurring for me while building a small widget
(javascript based) which any websites can put on their page )).where
iam actually planning to bring data for the widget by calling AJAX./
XHR call to my server.
regards
rama
Ryan Gahl
Sep 17, 2008, 10:11:05 AM9/17/08
to prototype-s...@googlegroups.com
To repeat previous answers, you cannot make XHR calls cross domain from the browser (you seem not to be understanding that point).
Having said that, there are two ways to solve your problem though...
One, distribute your widget as an iframe that points to a page on your domain instead of as script people put on their pages.
Two, create your back end (the one that the AJAX calls are being made to now) to be capable of returning pure javascript, and instead of doing XHR calls to that endpoint, use dynamic script tag injection. For details on how to do that, use Google.
Having said that, there are two ways to solve your problem though...
One, distribute your widget as an iframe that points to a page on your domain instead of as script people put on their pages.
Two, create your back end (the one that the AJAX calls are being made to now) to be capable of returning pure javascript, and instead of doing XHR calls to that endpoint, use dynamic script tag injection. For details on how to do that, use Google.
--
Ryan Gahl
Manager, Senior Software Engineer
Nth Penguin, LLC
http://www.nthpenguin.com
--
WebWidgetry.com / MashupStudio.com
Future Home of the World's First Complete Web Platform
--
Inquire: 1-920-574-2218
Blog: http://www.someElement.com
LinkedIn Profile: http://www.linkedin.com/in/ryangahl
Ryan Gahl
Manager, Senior Software Engineer
Nth Penguin, LLC
http://www.nthpenguin.com
--
WebWidgetry.com / MashupStudio.com
Future Home of the World's First Complete Web Platform
--
Inquire: 1-920-574-2218
Blog: http://www.someElement.com
LinkedIn Profile: http://www.linkedin.com/in/ryangahl
Matt Foster
Sep 17, 2008, 2:26:30 PM9/17/08
to Prototype & script.aculo.us
I'd recommend building it as a Google Gadget, by leveraging their
platform you could bypass a lot of the common development troubles.
Also you'll have a better adoption rate as more people already use
Google Gadgets, not to mention the fact that by submitting it to the
gadget directory it will be put in front of a very large audience.
http://code.google.com/apis/gadgets/docs/gs.html
platform you could bypass a lot of the common development troubles.
Also you'll have a better adoption rate as more people already use
Google Gadgets, not to mention the fact that by submitting it to the
gadget directory it will be put in front of a very large audience.
http://code.google.com/apis/gadgets/docs/gs.html
david
Sep 18, 2008, 7:02:06 AM9/18/08
to Prototype & script.aculo.us
Hi,
there is pluging for prototype to do cross site AJAX, let's have a
look ??PB: the version is for prototype 1.5, but try it :))
http://www.mellowmorning.com/2007/10/25/introducing-a-cross-site-ajax-plugin-for-prototype/
hope you could find what you need.
--
david
there is pluging for prototype to do cross site AJAX, let's have a
look ??PB: the version is for prototype 1.5, but try it :))
http://www.mellowmorning.com/2007/10/25/introducing-a-cross-site-ajax-plugin-for-prototype/
hope you could find what you need.
--
david
Rama
Sep 18, 2008, 8:57:02 AM9/18/08
to Prototype & script.aculo.us
Thanks for the community
i have resolved my problem .
I have used iframes and implemented the cross domain communication
using fragment identifiers. i opted for iframe as it makes my task
easier.
much more details are given in below links
--------------------------------------------------------------
1) http://softwareas.com/cross-domain-communication-with-iframes
2) http://dojotoolkit.org/node/87
Once again i want to thank all the community members for giving me a
proper direction in solving the problem.
regards
--------------
rama
On Sep 18, 4:02 pm, david <david.brill...@gmail.com> wrote:
> Hi,
>
> there is pluging for prototype to do cross site AJAX, let's have a
> look ??PB: the version is for prototype 1.5, but try it :))http://www.mellowmorning.com/2007/10/25/introducing-a-cross-site-ajax...
i have resolved my problem .
I have used iframes and implemented the cross domain communication
using fragment identifiers. i opted for iframe as it makes my task
easier.
much more details are given in below links
--------------------------------------------------------------
1) http://softwareas.com/cross-domain-communication-with-iframes
2) http://dojotoolkit.org/node/87
Once again i want to thank all the community members for giving me a
proper direction in solving the problem.
regards
--------------
rama
On Sep 18, 4:02 pm, david <david.brill...@gmail.com> wrote:
> Hi,
>
> there is pluging for prototype to do cross site AJAX, let's have a
Reply all
Reply to author
Forward
0 new messages