Hello i need to retrieve page source from site1.com to site2.com
I tried file_getcontents of php but my site is dynamic and unique for each users.
so i need to request page source using JAVASCRIPT
You can not do it because of the same origin policy unless the page and browser supports CORS.
like epascarello said, you can't due to the same origin policy. If you control both sites, you can use CORS to achieve it.
If you don't the best bet is to make requests to the domain you control, and have your server fetch what you need from the other url. It's called proxying. It's not that difficult to do.
Related
I'd like to create a client for last.fm. My music "station" feed is here, in JSON format: http://www.last.fm/player/station/user/skeftomai/mix.
However, when I try to access this via $.getJSON(), I get
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://my.exampledomain.com' is therefore not allowed access.
So unfortunately we have a CORS issue on last.fm's end. I'd like to work around this. Here are some things I've tried:
AJAX. This fails with the Access-Control-Allow-Origin error.
An iframe with document.domain set to "www.last.fm" or "last.fm". This fails with SAMEORIGIN iframe error.
JSONP. Unfortunately JSONP doesn't seem to be supported with this feed.
A <script> tag with src pointing to the feed link. Unfortunately $('#scriptTagId').html() is empty.
Flash. But unfortunately suffers from the same cross-origin issue.
Java applet. Too heavy, everyone might not have the JVM installed, and it might suffer from the same cross-origin issue.
I'm fairly sure I could get away with a web proxy whereby the client utilizes a server-size proxy to retrieve the feed...but I really, really want this to be a pure client-side app with no server-side. I'd like to host this on a CDN (S3 + Cloudfront).
Is there ANY way around this?
No, what you are asking for isn't solvable using the browser alone. If the 3rd party site doesn't support CORS or JSONP, you're out of options unless you control the 3rd party site or can use a server of your own (or any 3rd party proxy such as YQL) to obtain the data.
Here it is with YQL:
$.getJSON('https://query.yahooapis.com/v1/public/yql?q=select%20*%20from%20json%20where%20url%3D\'http%3A%2F%2Fwww.last.fm%2Fplayer%2Fstation%2Fuser%2Fskeftomai%2Fmix\'&format=json&diagnostics=true&env=store%3A%2F%2Fdatatables.org%2Falltableswithkeys&callback=?', function (response) {
console.log(response.query.results.json);
});
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
I'm trying to access a SOAP web service on another server using ajax but I'm getting an Access Control Allow Origin error. The web service returns XML so JSONP can't be used and the web service is also being used in another app so modifications is probably the last option. Any solutions?
If you can't do JSONP, then your options are:
Craete a server proxy at the domain of the page that can fetch the desired result from the other domain and relay it to you from the allowed domain.
If you're willing to limit your browser support to some modern browsers, then you can investigate Cross Origin Resource Sharing (CORS) which is a "safer" way to do cross-domain requests. You can read about it here.
Cross-domain ajax support via Flash which requires the placement of an appropriate cross-domain policy file on the host of the server you want to access. See here and here for some more info.
You can set up a server proxy at the domain of the page.
This page would then call the soap web-service and give you back the response.
This page can then be called via ajax from ui.
Found the probably most easiest way by using Ajaxpro 2, of course it's meant for .NET. http://www.ajaxpro.info/
otherwise, jfriend00's suggestions are the next best options.
Is it possible to do AJAX calls from inside an iframe that has a different domain source?
I've tried script injection but it doesn't work because the iframe's source is secure.
I made a simple fiddle with California DMV website here.
I'm getting DOM exception 8 error. Is it a security issue?
It is not possible to modify or make JS calls in an iframe with a different domain source. This is restricted in all browsers for security reasons.
See the "Same Origin Policy" for a description of how inter frame security works. In a nutshell, there is very little communication allowed between frames on a different domain for security reasons. You cannot make any direct Javascript calls between frames on different domains.
There is a way to make cross domain ajax calls and it involves using JSONP. Basically, you inject a script tag into your own frame and that script tag points to server endpoint anywhere on the web. Since the src value of a script tag is not restricted by the same origin policy, you can reach that server. But, now you need to have a way to get that result back. That is done using JSONP where you specify in your server request a javascript function that you want the returned javascript to call. That returned javascript can have javascript data in it that is then passed to the desired function. JSONP requires cooperation between both client code and the server code since a normal ajax call might not support the extra part of JSONP. But, with this cooperation of both sides, you can get around the same origin policy for server endpoints that support JSONP.
HTML5 has a new messaging system that can safely communicate data (not direct JS calls) between cooperating frames in different domains. See here and here for a description of how the HTML5 messaging works.
Yes it's a security issue because of the Same Origin Policy enforced by most browsers: http://en.wikipedia.org/wiki/Same_origin_policy .
You can look into JSONP http://niryariv.wordpress.com/2009/05/05/jsonp-quickly/ which is specifically designed to get around this.
Is it possible to read JSON feed available in another site which is HTTPS?
I'm getting empty string in return.
It is possible as long as you respect the same origin policy. For cross domain AJAX you could use JSON/P or if you don't have control over the distant domain and it doesn't expose a JSON/P data you might need to setup a server side script on your domain that will act as a bridge between both domains.
You also want to check out CORS
http://hacks.mozilla.org/2009/07/cross-site-xmlhttprequest-with-cors/
Is there a way without using a server proxy to perform a cross domain GET or POST request?
If you are with only the current day browsers and have control over the external domain, you can use Cross-Origin Resource Sharing [CORS]
Most people do not have that luxury so you either have to use JSON with Padding [JSONP] or you need to use a serverside proxy.
As far as I know, there is no way to make a cross-domain request in JS, but you could just query your server and make the request from there.
Edit: as Russ Cam said above, look into JSONP.
Using YQL is an easy way of doing cross domain ajax. You can specify to have a JSON or XML object returned. IBM has a good tutorial: http://www.ibm.com/developerworks/web/library/wa-aj-jsonp2/index.html
Though just search for yql cross domain and it'll bring up numerous tutorials.
You could use Flash. Flash allows you to make a cross-domain request to another server provided that it serves a Flash cross-domain policy file (an XML file). So you will need administrative access to the other server in order to set that up.
If you think this option might be what you're looking for or you want to do SSL/TLS cross-domain, check out the opensource Forge project:
http://github.com/digitalbazaar/forge/blob/master/README
AJAX Cross Domain is a low-cost library that allows to perform cross-domain AJAX requests. http://www.ajax-cross-domain.com/