I have a piece of javascript executing on a jetty server which is sending a XMLHTTPRequest to a scoket on another server(wamp server). The request gets sent to the socket, however the XHR response seems to be getting blocked. My only thoughts on this is it may be an issue with XSS(cross site scripting). Is there a way in which i could enable cross site scripting for this particular request or is there something else i should be doing? Any help would be greatly appreciated!
A:
You cannot make xmlhttprequests to other servers. You have 2 options
- proxy everthing through the server that servs the javascript.
- use a
<script>tag to pull data off the otherserver using dynamically generated js on that server.
Byron Whitlock
2010-05-26 22:47:06
Oh yes you can :) IE has XDomainRequest and most newer browsers support CORS. So its wrong to say that you cannot, but it would also be wrong to say that you can, without mentioning on which browsers.
Sean Kinsey
2010-05-27 22:45:47
+2
A:
That sounds about right. Browser cross-domain policy blocks XHR requests to other domains. Try using the JSONP technique in order to circumvent this.
It may seem odd that cross-domain policy can be so easily circumvented, but that's because when a server exposes a JSONP interface, it is clearly a mutual agreement.
Good luck!
Matchu
2010-05-26 22:47:40
A:
Take a look here, this lets you expose an ajax endpoint across the domain boundary without the use of JSONP - its plain XHR with a little bit of cross domain messaging on top.
For the exact example of cross domain ajax, see this http://consumer.easyxdm.net/current/example/xhr.html
By the way, this is what the Russian version of Facebook (vkontakte, 75+mill users) uses for its API.
Sean Kinsey
2010-05-27 09:53:33
here is how I am sending the post..function sendInitRQ(width, height) {var post = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><command type=\"init\"><width>" + width + "</width><height>" + height + "</height></command>";sendPost("http://localhost:80/sokcet.php", post, initReturned);}function sendPost(url, postdata, callback) { xmlHttp=GetXmlHttpObject() if (xmlHttp==null) { alert ("Browser does not support HTTP Request") return } xmlHttp.onreadystatechange=callback xmlHttp.open("POST",url,true) xmlHttp.send(postdata);}I have never used JSONP before?any help?
shane87
2010-05-27 12:06:16
A:
Thanks guys for your response but I actually found that the issue was with same origin policy as I am running both servers from the same host but with different port numbers. JSONP seems like it may solve the problem, but I am going to try just use the one server now for completeness.
The following article explains my problem under the background heading. and in column four of the table.
shane87
2010-05-27 23:18:27