tags:

views:

151

answers:

2
+1  Q: 

Query URL for Log In Status, javascript

This may seem like a no-brainer, but I can't find a way to do this that isn't considered a security issue (other than the obvious ways)...

So, I want to build an add-on for Firefox to use with my team. Basically it will be a status bar icon letting us know if the authentication cookie for our tools site has expired, so we can tell without losing any work currently in the browser.

At first I thought I could have the add-on check the cookie, but this seems to be a huge hassle for such a simple idea. Then it occurred to me...DUH...that I could just have the add on try to access the main page of our site. If it gets a "Access Denied" response, it can show the icon for "Not Logged In", but if it gets anything else, it can show "Signed In".

However, all attempts to do this with AJAX are proving to be almost as difficult as my cookie attempts.

Is there a simple way, with javascript preferably, but in XUL otherwise, to say

var url = "http://example.com";
var response = pingURL(url, "blah);
status = (response = "Welcome!") ? "Signed in" : "Not Signed In";

where "pingURL" would be the method of "going" to the url and getting the response?

+1  A:  
function checkAccess(url, callback) {
    var xhr = new XMLHttpRequest();
    xhr.open("GET", url);
    xhr.onreadystatechange = function () {
        if (xhr.readyState == 4) {
            if (xhr.status == 200) {
                callback(true);
            } else {
                callback(false);
            }
        }
    };
}

This should work... Just call with "checkAccess('http://example.com', function(ready){});" as an example where ready is a boolean value.

devyn  2009-05-10 06:17:49
Doesn't look so good. I'm still getting this in firebug:uncaught exception: Access to restricted URI denied (NS_ERROR_DOM_BAD_URI)and it just sits there in Chrome. I'm pretty sure I'm missing something obvious.
Anthony  2009-05-10 06:41:02
God I hate SOP (Same Origin Policy). I don't think extensions should have it though... Are you running the XUL file in Chrome, as a Local File, or from the Web?
devyn  2009-05-10 21:23:40
Actually, I'm having an SOP problem myself right now... Too bad you can't access localhost from elsewhere. And I don't think Firefox has a "expose" option...
devyn  2009-05-10 21:24:58
A: 

Exactly why do you consider cookies a huge hassle? That would undoubtedly be faster and probably simpler to implement. Reading cookies from chrome is simple and well-documented. Ask for help if you can't figure out how to parse the cookie.

Matthew Flaschen  2009-05-10 06:44:24

related questions

Centos or Debian as a server OS ?
Where can I find a FTP Server with an API?
Technical issues when switching to an unmanaged Virtual Private Server (VPS) hosting provider?
Should I use a dedicated network channel between the database and the application server?
Do I need to leave gaps in a standard server rack?
Monitoring CPU Core Usage on Terminal Servers
Which hardware to buy for a new Linux server system?
Website Hardware Scaling
Ajax polling.
I ALMOST understand how email works, but I'm missing something.
How do you minimize the number of threads used in a tcp server application?
Perfmon File Analysis Tools
Cleanest & Fastest server setup for Django
Is there some way to PUSH data from web server to browser?
How do I secure my new web server (Server 2008)?
Subversion Management Tools
What kind of servers did you virtualize lately?
Closet server versus Colo?
Personal Linux web server
Error ADMA5026E for WebSphere Application Server Network Deployment
What means the error SECJ0222E in WebSphere Application Server 5.1
What is called a Node in a WebSpere Network Deployment
Can someone give me a working example of a build.xml for an EAR that deploys in WebSphere 6
Asynchronous multi-direction server-client communication over the same open socket?
Best way to access Exchange using PHP?