Cross Domain Ajax call EasyXDM - ajax

I'm trying to make a cross domain Ajax call using EasyXDM, because this gives support for IE apparently.
I have the following code, It says in the documentation that you need to call the cors file on the other domain, but it mentions you can skip that part, I want to skip it because I can't upload the cors file there and they have allowed my domain in the headers anyway. How do I write the code without declaring the cors file?
var xhr = new easyXDM.Rpc();
var response;
function getState(){
xhr.request({
url: "http://somedomain.com/misc/promo_getstate.php",
method: "POST",
data: {
email: 'sofia#hotmail.com',
source: '1304_Spring_dly',
country: 'DE',
}
}, function(response){
alert(response.status);
alert(response.data);
});

I know it's a little late, but you might find this link helpful (it's a blog post specifically about using easyxdm to do cross-domain AJAX):
http://easyxdm.net/wp/2010/03/17/cross-domain-ajax/

Related

Ajax calls from node to django

I'm developing a django system and I need to create a chat service that was in real-time. For that I used node.js and socket.io.
In order to get some information from django to node I made some ajax calls that worked very nice when every address was localhost, but now that I have deployed the system to webfaction I started to get some errors.
The djando server is on a url like this: example.com and the node server is on chat.example.com. When I make a ajax get call to django I get this error on the browser:
XMLHttpRequest cannot load http://chat.example.com/socket.io/?EIO=3&transport=polling&t=1419374305014-4. Origin http://example.com is not allowed by Access-Control-Allow-Origin.
Probably I misunderstood some concept but I'm having a hard time figuring out which one.
The snippet where I think the problem is, is this one:
socket.on('id_change', function(eu){
sessionid = data['sessionid']
var options = {
host: 'http://www.example.com',
path: '/get_username/',
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Content-Length': sessionid.length
}
}
var request = http.request(options, function(response) {
response.on('data', function(msg){
console.log('Received something')
if(response.statusCode == 200){
//do something here
}
}
})
})
request.write(sessionid);
request.end();
});
And I managed to serve socket.io.js and make connections to the node server, so this part of the setup is ok.
Thank you very much!
You're bumping into the cross origin resource sharing problem. See this post for more information: How does Access-Control-Allow-Origin header work?
I am NOT a Django coder at all, but from this reference page (https://docs.djangoproject.com/en/1.7/ref/request-response/#setting-header-fields) it looks like you need to do something like this in the appropriate place where you generate responses:
response = HttpResponse()
response['Access-Control-Allow-Origin'] = 'http://chat.example.com'

Access-Control-Allow-Origin trouble with Mootools

I've this error on my page but I can't solve it Access-Control-Allow-Origin.
Here is my code: I wrote this in my html file :
<div id="elapsed" data-url="http://myurl1.com/fr/chrono/">
And here is my:
var initChrono=function(){var e=$("dd"),t=$("hh"),n=$("mn"),r=$("ss"),i,s,o;(new Request.JSON({
url: 'http://myurl1.com/fr/chrono/',
callbackKey: 'callback',dataType: "jsonp",onSuccess:function(e){s=e.elapsed;o=e.status;a()}})).get();var a=function(u){i=s>0?"-":"";if(!u)s-=1;if(o==0){var l="00",c="00",p="00",v="00"}if(o==1||o==2){var g=Math.abs(s)
Can some help me?
I don't know how to work with this Jsonp
Access-Control-Allow-Origin warnings in this case would mean the url you are trying to load is not in the same domain as the page making the request.
You are using Request.JSON in your code above when what you need is Request.JSONP. This method injects a script tag to load the content as javascript wrapped in a method named with the value of callbackKey:
callback({ ... })
Your code example is incomplete and referencing undefined vars, so I am not entirely sure what you are doing here, but I think the request you are looking for is:
new Request.JSONP({
url: 'http://myurl1.com/fr/chrono/',
callbackKey: 'callback',
onComplete: function(data){
// do whatever
}
}).send();
Fiddle example: http://jsfiddle.net/GbTJp/
Mootools reference: http://mootools.net/docs/more/Request/Request.JSONP
If you are also developing the page that returns the JSON, you will need to read up on 'returning JSONP' in whatever server-side language you are coding in. This page will need to check if the get var 'callback' has been set, and if so, wrap the JSON string in a method defined by 'callback', then return with Content-Type: text/javascript.
http://en.wikipedia.org/wiki/JSONP

Content loading with jsonp

I am a beginner at sencha touch2. i am trying to create a some app which contains a blog view. the code of the blog is given below. when i launch the app, the content fails to load, giving these errors. i am using wamp for localhost.
XMLHttpRequest cannot load " http://secureclick-media-maynemyltf.netdna-ssl.com/Extensions/rjs/c2.js". Origin< http://localhost> is not allowed by Access-Control-Allow-Origin.
XMLHttpRequest cannot load " http://api.yontoo.com/GetClientData.ashx?key=null&id=47a8564d-d089-4195-9564-72f107ea1c56&loc=http%3A//localhost/GS/&apps=bestvideodownloader,ezLooker,pagerage,buzzdock,toprelatedtopics,twittube". Origin <http://localhost> is not allowed by Access-Control-Allow-Origin.
Ext.define('GS.view.blog',
{
extend:'Ext.navigation.View',
xtype: 'blogpanel',
config:{
title: 'Blog',
iconCls: 'star',
items:
{
xtype:'list',
itemTpl:'{title}',
store:
{
autoLoad: true,
fields:['title','author','content'],
proxy:
{
type:'jsonp',
url: 'https://ajax.googleapis.com/ajax/services/feed/load?v=1.0&q=http://feeds.feedburner.com/SenchaBlog',
reader:
{
type:'json',
rootProperty:'responseData.feed.entries',
}
}
}
}
}
});
You're not calling a JSONP service but a JSON one. You can detect it by calling your URL from your browser and see the content isn't starting by a method call.
So you're not bypassing Cross-Domain protections.
You can't just tell the server you want it to answer in JSONP : it must be ready to make such an answer.
And your browser won't let you access from another domain a server answering in json and not having set a header specifying he accepts this cross-domain request. Read this.
EDIT :
You may call this service using JSONP : you just have to specify a callback at the end of the URL.
In addition to this response format, the protocol also supports a
classic JSON-P style callback which is triggered by specifying a
callback argument, which directs the API to deliver the JSON object as
an argument to the specified callback.
Example from the documentation :
'https://ajax.googleapis.com/ajax/services/feed/find?v=1.0&q=Official%20Google%20Blogs&callback=processResults'

Crossdomain post with easyXDM

I'm trying to get a crossdomain post to work. I know I can easily use jsonp for GET, but I'm stuck as to how I can implement POST requests.
I've looked up easyXDM, but as I understand it the server also needs some kind of easyXDM implementation, in the form of a "cors" file or something.
Is that true? So if the server does not support it, there's no way to do a crossdomain post (without setting up a proxy, that is)
I've tried it myself with only local files:
<script type="text/javascript">
var xhr = new easyXDM.Rpc(/** The channel configuration*/{
remote: "name.html"
}, {
remote: {
request: {} // request is exposed by /cors/
}
});
</script>
And then do a request like this:
xhr.request({
url: "http://other.domain.be",
method: "POST",
data: {NEWS: "true", IMMO: "true" }
}, function(response) {
alert(response.status);
alert(response.data);
});
But that does nothing.
Yes, easyXDM.Rpc need to be initialized using the server cors url.
xhr = new easyXDM.Rpc({remote: "http://url/cors"}, {remote:{request:{}}});
If you don't want to use easyXDM, you can easily set up the server to accept all requests by adding : (doesn't supported by IE<8)
Header set Access-Control-Allow-Origin *
Header add Access-Control-Allow-Headers X-Requested-With
Header add Access-Control-Allow-Headers X-Request

dojo ---> django POST

I'm trying to send a json from the client using the method xhrPost dojo. But I'm getting a 403 errors. Any help?
var str_json = dojo.toJson(arr_markers);
console.log('json elements: '+str_json);
dojo.xhrPost({postData: str_json,
headers: { "Content-Type": "application/json"},
//content:{'prueba': 'HOLA'},
url:'/up_position_elements/',
handleAs: 'text',
load: function(response, ioArgs){alert('response');},
error: function(errorMessage){}
});
And how to read the json in the django view?
Which method should I use?
403 means "forbidden" which means that the view wants a password, cookie, or other form of authentication. Could you show us the view that serves /up_position_elements/ so that we can see what security-related decorators or logic it might contain?

Resources