Except YQL ,Is there any way to get ajax's response and data from other domain without modifying server side's code?
YQL has limit (1000 calls per hour) for free user , but most of people said it's actually less.
If what you mean by "without modifying server side's code" is not modifying the server of the data source, then you can have your own proxy server (basically making your own YQL server) to read the remote data. This is possible because the server-side is not bound to the Same-Origin Policy.
So you can AJAX your server, then let your server read the remote server using some form of wget, curl or fopen, and return what was retrieved:
Remote server <- fopen, curl or wget -> your server <- AJAX -> browser
You can use a HTML 5 feature which is postMessage to do cross domain calls. Again it is not supported in all the browsers. Look at the following link for implementation:
Cross domain call using postMessage
You can use the iframe receiver pattern. It's an old technique. See Secure Cross-Domain Communication in the Browser by Danny Thorpe on MSDN. You dont have to use JSONP but still can make cross-domain calls
Related
I have a WCF web service hosted on Azure as a cloud service. I am trying to send a POST SOAP request from an HTML/JS web application it appears I cannot POST a SOAP envelope across domains. I have tried a variety of POST techniques with no avail. Has anybody experienced this before and/or is aware of a work around?
Any help would be appreciated.
Cheers
No, this is not possible, as per AJAX cross-domain requests cannot be made unless the server says " I'm ready to accept".
Normally, when you make a cross domain request an OPTIONS request is made to the server, to check what all methods and options are given allowed at the server. The server responds with a set of headers which says further communication can be made or not.
So, if you want to do a cross domain AJAX POST/GET, you can do it provided either of the following is possible
-> Server says "I am ready to accept" for your client request - which normally does not happen
-> Use a proxy server in your layer, to forward the request to target server, and revert back the response.
For more info, you can scroll on MDN forums or CORS facts.
I know there is an almost duplicate question, but the answer is not satisfactory at all.
I need to do geocoding using the Openstreetmap service which runs over HTTP.
My site runs over HTTPS.
It seems impossible to do JSONP request from https to http, browser (Chrome) complains about insecure content.
Any solutions?
The reason that the browser complains about insecure content is that the content is insecure. The entire purpose with a secure page is that all of it is secure, and can be trusted.
You can set up a proxy page in your secure site that requests the insecure content. There you should verify the content before it's sent to the browser, so that it is actually secure, not just pretending to be secure.
If you want to make a POST request to an external service that runs under HTTP while the initial request is coming from HTTPS it will always be considered as insecure.
There's, as far as I know, no way around it.
What you can do, is POST to your backend which send another POST request to the service that is running under HTTP. From there just return the value returned by the HTTP service.
For whom it may concern, this is how I sorted it out myself.
1) my Javascript code calls an AJAX page on my server with the parameter I need to forward to the service
2) the AJAX page makes a request via CURL using the address
3) I sanitize the response and turn it into JSON
4) with Javascript's callback-on-success I use the data
I want to make a request for a JSON object to a server, that I dont have access to. So I have to work with the JSON object I receive.
Since cross domain requests are not that easy (as I read) I would like to know if they are also working if you cannot modify the way the server responds.
What I read is, that JSONP is for cross platform, but you have to modify in some way the server-side response.
If the webservice doesn't support JSONP, then you can't do it in javascript on the browser side. It is because of a security on the browsers. This security doesn't exist on your server, though.
You'll have to use a proxy, calling the webservice on your server (PHP or w/e).
For example:
The javascript on your browser calls your server on the same domain.
Your server on the same domain calls the webservice that doesn't support JSONP.
Your server sends the JSON answer back to javascript on your browser.
i need to consume a web api, which is located here
http://46.253.202.174:8080/ws-api/v1/rest/zdata/codesByJurAndUsage?jur=Boston,%20MA&usg=barber
I don't have any details of how it is implemented or access to the code of the API, I'm just trying to consuming the API, I can see the JSON return data if i type the url in the browser, but when i'm trying to call the API using $.getJSON, it gave me an access denied error. I understand that its a cross domain issue. I also tried a few other things, like jsonp data type, with no success. My question is, if i am able to see the results in a browser, shouldn't i be able to get the results from the scripts, or its no necessarily true?
Secondly, is there any other way, if the things i have tried so far was not successful.
thanks
You are correct, you won't be able to load this data via $.getJSON due to the Same Origin Policy restrictions. You'll need to load it via JSONP, or, if the service doesn't support JSONP (which it looks like it doesn't), via a proxy. A couple of options:
You can set up a proxy on your own server via PHP or another server-side language. This will allow you to request the data from your own server, getting around the same-origin restriction. You might look at a project like Simple PHP Proxy for this purpose.
You can use YQL as a proxy - this sends the data through Yahoo!'s servers and then you can load it via JSONP. Applying this technique with jQuery is discussed in this article.
I need to use AJAX to get the content of another page located on a different server from the one the AJAX is loaded from. The AJAX needs to send a POST request then return the result. how can i do this?
Set up proxy on your own server. Have your server call theirs and return the result.
if you control both servers, you can use one of the HTTP header fields for cross-origin resource sharing:
http://www.petefreitag.com/item/703.cfm
https://developer.mozilla.org/En/HTTP_access_control
There is no way to go around that policy. This policy is there for very good reasons.
That is also no problem as long as you're in control over the web application. You could simply redirect the call to the other server from your webserver and pass the result. This would work out like a proxy.
If you want to do that on the client and cross browser, you need some cooperation from the other server.
Either by:
1) using JSONP (inject a script tag with a callback function)
Only GET calls are possible though.
Security is an issue as the script has access to all resources in that page(data, cookies, ...).Here's a post that explain how to sandbox them and keep the data in your page safe.
2) POST looks possible using Kris Zip's window.name technique
If the cooperation from the other server is impossible, the server proxy as described in other answers is, to my knowledge, the only option left.