I need to send some of my data into another server. Actually to post into facebook. So here i already have an API which works by an URL.
So if i set the parameters from the URL and if i try it in web browser it works. But when i try it as a AJAX call it do not work. (Because its not hosted in the same server as my web pagers are).
Is there any way to send this URL in the background??
You cannot. For security reasons, Javascript can't initiate requests to sites in different domains.
The only way to do that would be query your own server and have it query the external API, and then respond to your page.
You will have to write a proxy routine on your own domain that communicates with your JS on the one hand and with third party domain (Facebook) on the other.
I created a iframe dynamically. It seems working.
Related
Could you please advise on the following?
Let's assume I have a local html page stored on my local drive "c:\test.html".
If I open it in a browser, it's treated as a GET request to this page, right?
Is it possible to send, for example, POST request to the same local page, with "fetch"?
And inside "c:\test.html" to check if it was requested with POST method, return something?
It would be something like a local-PC API.
Static HTML pages do not have any request capabilities. What's actually happening here is that there is some sort of server that takes your request and responds with the HTML document. You would need to host your own server of some sort that could take and respond to requests. For this, libraries like express.js work well.
Edit: If you are accessing it through a file:// url, your browser is just reading the file off your drive directly, so you would need some sort of localhosted server.
This is not how it works. When you open a file with your browser, it uses a file protocol, not a HTTP protocol. Look at the URL. You'll see what kind of protocol was used to retrieve the resource.
So no, you cannot sent a fetch request to a local file. You have to establish a proper sever in your localhost and let it handle requests. Local files do NOT handle requests. Servers do.
I have a PHP app that renders HTML pages for a social media application that I'm creating. Then, JavaScript initializes and makes things interactive. The PHP side of things logs into a separate webservice with curl.
Now, I can't figure out a way to share the session started in PHP with JavaScript, so when I make a AJAX request in JavaScript to the data server, its authenticated.
Is there a way to share a PHP session with JavaScript? Or to share authentication initially created with PHP with JavaScript?
I would say it sounds like there is something wrong with your architecture. In my opinion, the web server itself, should be the only peer providing data to the client/browser. It's a two party conversation only.
When trying to hit a third-party server from the browser, you violate the browsers Same-Origin Policy, unless you specifically allow CORS by explicitly setting various request and response headers. - and you would only do so in very special situations.
The best solution might be to create proxy services at the web server, that can be hit directly (locally) by the browser. The web server can then (acting as controller) forward the data-request to the data server (model) and finally return the response to the browser (view).
You can read out the session cookie set by PHP (SID I guess) through JavaScript containing the session ID.
When you make a query, use
http://example.com/?sid=SessionID
Is it possible to make javascript based web proxy, where the url entered by the user is fetched by the javascript directly without going to the proxy server ?
You are not going to be doing it with pure JavaScript unless the JavaScript happens to be running on the server.
You can use a service like Yahoo Pipes and get the page via a JSONP call.
I have an application on one domain which needs to get data from an application on another domain.
I would like to use an iframe based cross domain ajax tool such as porthole.js to implement the following:
My application loads a page on the other server in an iframe.
A message is sent using porthole to the iframe.
The page on the other server checks to make sure the calling url is valid, and reads in the url of the ajax request it will make from the message.
The remote page then uses the passed url to make an ajax request.
The results are passed back to my application.
This solution lets me use the remote json data without systematically altering all of the services, which are built and managed by another team. If it doesn't work, I would work with them to use a system that uses porthole.js or jsonp for cross domain scripting.
The point that concerns me, though, is step 4. Does this count as an ajax call from the remote document inside the iframe, which would be able to make ajax calls against it, or does it count as a call from the outer window, which can't use ajax to call that domain?
Jeez, just use CORS. It's a one-line change to the web-server config.
Is it possible (and if so, what's the most secure way) to read a JSON file from a subdomain such as somesubomain.maindomain.com in a JS script residing in maindomain.com, another.maindomain.com etc?
Thanks!
Have a look at how document.domain works: https://developer.mozilla.org/en/DOM/document.domain
Another solution would be make your json file a JavaScript file (jsonp-style) which calls a function so it can be embedded using a script tag which does not have same-origin restrictions.
Your not supposed to due to the same origin policy enforced on all browsers, but you can... Check out this explanation of cross domain ajax requests.
http://alexsexton.com/?p=154
JSONP is what I found to be the easiest to work with for this type of stuff.
I do this two ways:
Have your server make the call on behalf of your client. What I mean by that, is take the call you were going to make from the browser, and make it a web service on the server. Then have your client call your webservice, which will then make the call and return the response. This allows you to inspect what's being sent back and forth.
Use JSONP. Their server must be configured for this, and I'm not sure there is any added security..