Cross site AJAX - While developing across several domains I found A...

a demonstration on cross site AJAX using a PHP proxy, pAJAX anyone?

22153 total geeks with 3252

solutions
Recent challengers:

● rnikkila2 level 8 - 08:22AM

● Brenn0 level 1 - 03:47AM
● digitalfate level 3 - 01:38AM

Welcome, you are an anonymous user! [register] Get a yourname@osix.net email address
[login]

Articles Article viewer

● C
● Windows Cross site AJAX
● Dot.Net
Security Written Search More articles
● MaxMouse
by:
● Visual Basic OSI by MaxMouse.
Published about
Miscellaneous MaxMouse
● by: PHP.
● Show/Hide... Published 2009-10-29 viewed send printer
on: 10:18:42 1169 this friendly
Topic: PHP times article
GEEK
Digg this!
● Challenge
● Bonus Levels
Rate this article : -
● Geek Reverser
● View Solutions While developing across several domains I found AJAX
lacking, in that I could only request an XML document from
● Test Centre the same domain the script was currently executing from.
● Hall of Brain Since I required some data to be shared across several
domains I ended up with duplicate XML documents,
● Hall of Bonus updating them meant updating the master local XML
● Hall of Reverse document then uploading it to all of the different servers
one after another. The following is a demonstration on
● Geek or Freak
cross site AJAX using a PHP proxy, pAJAX anyone?

http://osix.net/modules/article/?id=946 (1 of 7) [2/21/2010 8:39:16 AM]

Cross site AJAX - While developing across several domains I found A...a demonstration on cross site AJAX using a PHP proxy, pAJAX anyone?

User's box AJAX, Asynchronous JavaScript and XML is a fancy way of

saying "Make the browser retrieve and parse some XML",
Username: the important line of (JavaScript) code i want to talk about
here is:

Password: request.open("GET", "some-file-on-the-server.xml",

true);

Login In my case i was using it to process an XML file containing

Securely data for google maps, the XML document is in the
following format:
Forgot password?
New account <agents lat="" lng="" company_name=""
individual_name="" additional_info="" phone=""
mobile_phone="" fax="" email="" url="" />
Shoutbox
Todd434 As outlined in the summary what I needed to do was this:
CA was dying, In
a way, having the request.open("GET", "http://www.some-site.tld/some-
site go down may file-on-the-server.xml", true);
turn out to be a
good thing,
rebuilding the Currently only firefox (>3.5) supports this kind of thing
site may help get with minor changes in XML and code, but since I had to
members etc... maintain browser support for the big 5 I couldn't use this
method.
redore
heh that CA thing What I decided to do was keep one XML document on one
is an end of an server then use PHP to handle the rest on all other servers,
era for sure. lets say our XML document is at http://www.max.com/
Wonder if CA-v2 document.xml, for each site i would like that to be
will live up to its
available I used the following.
predecessor.
Nightscript AJAX Request:
NS is back now, request.open("GET", "cross_site_xml_engine.php",
any words on the true);
CA site situation?
Nightscript
Unfortunatel y cross_site_xml_engine.php - code:
<?php
Ive got to be on
header("Cache-Control: no-cache, must-revalidate");
hiatus for a few header("Content-type: text/xml");
days, see you echo "<!--Cross site XML Engine: Written by MaxMouse
guys friday! \nThe below contents exist at http://www.max.com/
document.xml\n-->\n";

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,'http://www.max.com/
document.xml');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$contents = curl_exec ($ch);

http://osix.net/modules/article/?id=946 (2 of 7) [2/21/2010 8:39:16 AM]

Cross site AJAX - While developing across several domains I found A...a demonstration on cross site AJAX using a PHP proxy, pAJAX anyone?

SAJChurchey curl_close ($ch);

Not sure why CA. echo $contents;
net is down. ?>
Someone said
that someone
else was working So now, on each server i have the above code, the AJAX
on something to request is happy because I'm requesting a file that resides
get it back up. on the same domain, as you can see the PHP code uses
cURL to get the data from http://www.max.com/document.
xml, it changes the header to XML and simply outputs the
Donate
result, as far as the AJAX (JavaScript) request is concerned
Donate and help us cross_site_xml_engine.php is simply an XML file.
fund new challenges Whenever i update http://www.max.com/document.xml all
other servers echo the change instantly without me having
to re-upload to each of them, and the browser won't cause
Due Date: Feb 28 inconsistency with caching issues because I have modified
February the cache-control header.
$30.00
Goal:
Gross: $0.00
Did you like this article? There are hundreds more.
Net Balance: $0.00
● Join OSIX
$30.00
Left to go:
● Get Involved
Contributors
● Challenge or Test your skills

News Feeds Comments:

The Register
Domuk Depending on the need for it to be in XML,
Everything you ever 2009-10-30 you could instead store it in JSON and load
wanted to know 20:45:55 it as a JS file - an AJAX proxy is a nice
about Xbox hacking alternative though, especially if it caches.
Sagem DTR94500S HD
Freesat+ DVR
MaxMouse I never really looked into loading it as a .JS
2009-11-02 file, i was using stock code from google
Google (finally) 09:07:12 which just looped through an XML file,
nabs On2 video
modifying it this way allowed me to not
codecs
touch the standard code. As for caching, i
Open source - the didn't want that to happen (Hence the
once and future header change) because if i edit the XML
dream and the browser uses cache it won't be
Opera cuts cord on reflected in the end google map.
first open-source
baby
Cisco and HP - the
gloves come off
Open sourcers
fortify Ubuntu"s
Koala food

http://osix.net/modules/article/?id=946 (3 of 7) [2/21/2010 8:39:16 AM]

Cross site AJAX - While developing across several domains I found A...a demonstration on cross site AJAX using a PHP proxy, pAJAX anyone?

Nokia pulls the Domuk I mean caching on the server-side, not

plug on wireless 2009-11-02 browser caching - if the site gets big, you
payment handset 20:35:20 don't want every hit to also hit another
Symbian needs your server - especially if the XML changes less
help. Please than every ten minutes or so. I see that as
Archaeologists nail being the main advantage of using a PHP
Bosworth Field script as a proxy, really, since I'd expect
the curl hit to be the majority of the
Slashdot request time. Also would let you carry on
The Surreal World regardless if the other site went down.
of Chatroulette
Atlas V"s Sonic
As for modifying the standard code, if the
Boom Made Visible
argument to the function is a URL then it
By Sundog seems odd but no, nothing you can do - if
you're handling the AJAX yourself, then you
Stone Tools Found
can just load the JSON'd XML structure at
on Crete Push Back
the time when you'd do the AJAX request.
Humans" Maritime
All something of a moot point when you've
History
got a working solution though!
Photoshop 1.0
Recreated On iPhone MaxMouse I see. The XML doesn't change that often,
"Immortal Molecule" 2009-11-03 every couple of days maybe, and if the host
Evolves — How
09:19:35 server dies, it's only a Google map, it isn't
Close To Synthetic critical data. If it where critical I suppose i
Life? could also have run a PHP cron job to
periodically download the XML document
Fingerprint
and save it, then use the AJAX request as
Requirement For a
standard.
Work-Study Job?
Math Anxiety Have you looked at Firefox's AJAX cross
Affects Skills As site AJAX support?
Basic As Counting
Domuk No, I haven't. It was a sin when IE added
USPTO"s 1-Click
Indecisiveness
2009-11-04 its own tags back in the day, now that's the
Enters 5th Year
00:07:15 norm for other browsers. But now Firefox
adds functionality that would actually break
Ars Analysis Calls
apps for non-Firefox users? I dread to think
Windows 7 Memory
of new developers not understanding the
Usage Claims
issue and building their first app around it.
"Scaremongering"
Students Build 2752
MPG Hypermiling
Vehicle

http://osix.net/modules/article/?id=946 (4 of 7) [2/21/2010 8:39:16 AM]

Cross site AJAX - While developing across several domains I found A...a demonstration on cross site AJAX using a PHP proxy, pAJAX anyone?

MaxMouse I never use IE, i still have to code support

2009-11-06 for it though, IE doesn't even pass the
09:36:07 AcidTest (http://www.acidtests.org/) MS
have known this since IE6, currently i have
the big five installed (IE, FF, Chrome,
Opera, and Safari) for testing and all but IE
pass the acid test, so i have little time for
it. Both firefox and Opera have their own
"Special" support for things it's completely
insane.

Also, i do hope no one falls into the trap of

using functionality which is supported on
one client but nothing else.

Anonymously add a comment: (or register here)

(registration is really fast and we send you no spam)

BB Code is enabled.
Captcha Number:

Add Comment

Blogs: (People who have posted blogs on this subject..)

elasolova My PHP Projects on Sat 26th Sep 10am

I have been developing PHP applications for almost a year
now. I have developed three projects. One is a simple trivia
game. The other is a question-answer based community at
http://www.javaist.com/quans . The last one is a
programming challenge site just

countll Blog entry for Thu 25th Oct 7am on Thu 25th
Oct 7am
soo nu on this wicked world of NET. just decided to dive in
today..hope friend aroun here can help

http://osix.net/modules/article/?id=946 (5 of 7) [2/21/2010 8:39:16 AM]

Cross site AJAX - While developing across several domains I found A...a demonstration on cross site AJAX using a PHP proxy, pAJAX anyone?

Test Yourself: (why not try testing your skill on this subject?
Clicking the link will start the test.)

Test of experience (hopefully) by AcidIce

Things you're only likely to know if you've actually

written a lot of PHP before :)

Related Links:
Oracle jumps on PHP bandwagon
Oracle is the latest database vendor to put its weight behind the PHP
scripting language for business, with a new tool that integrates PHP
applications with its databases...
The Lockergnome Universe for May 2005
Feed the Need! nbspWindows Fanatics nbsp..
Add barcodes to your Web apps using PEAR and PHP
One way to tie hardcopy items to backend systems is by providing
barcodes through Web applications. Phillip Perkins demonstrates how
easy it is to use the PEAR::Image_Barcode class in PHP to dynamically
create barcodes for Web applications...
The Lockergnome Universe for April 2005
Feed the Need! nbspWindows Fanatics nbsp..
PHP 5 Unleashed
Over 12 million Internet domains worldwide use the PHP language to
power their websites. If you are a programmer included in this group,
or would like to be one, you should pick up a copy of PHP Unleashed.
The definitive guide in PHP programming, PHP..
Mandriva Linux Security Update Advisory - php (MDKSA-
2005:072)
..
SAMS Teach Yourself PHP in 10 Minutes
Are you one of those people who think there isnt anything substantial
that you can do in only 10 minutes? Think again. Sams Teach Yourself
PHP in 10 Minutes is a no-fluff, just-the-answers guide to building
dynamic websites using PHP. Broken into 10 ..
Slackware Security Advisory - PHP (SSA:2005-095-01)
..
Apache Security
This all-purpose guide for locking down Apache arms readers with all
the information they need to securely deploy applications.
Administrators and programmers alike will benefit from a concise
introduction to the theory of securing Apache, plus a wea..
Beginning PHP 5 and MySQL E-Commerce

http://osix.net/modules/article/?id=946 (6 of 7) [2/21/2010 8:39:16 AM]

Cross site AJAX - While developing across several domains I found A...a demonstration on cross site AJAX using a PHP proxy, pAJAX anyone?

norburym (Mary Norbury-Glaser) writes Beginning PHP 5 and MySQL E-

Commerce: From Novice to Professional by Cristian Darie and Mihai
Bucica is a valuable resource for the web developer/intermediate
programmer who is preparing to create a database-dri..

PHP cookies

PHP Cookies

PHP 102

PHP 101

Prevent spamming of your web forms with CAPTCHA

Arrays in PHP

Cookies in PHP

Getting Classy with PHP

A PHP coders diary Part2

A PHP coders diary Part1

Your Ad Here

Copyright Open Source Institute, 2006

http://osix.net/modules/article/?id=946 (7 of 7) [2/21/2010 8:39:16 AM]