I just finished a project in which a jquery dialog used a jquery.ajax call using get to obtain details of a transaction from a url on another domain, effectively a cross domain ajax request. Since firefox 3.0 does not allow itself to be set to allow cross domain requests, I had to use some other way. I could have just used an iframe, but that is another story in itself.
Here is the bit of javascript code.
function refaxorder(){
//idfield=$("#idfield").val();
query="urlid=1&inOID=" + idfield + "&inKey=" + key + "&inAction=reFax";
$("#actiondiv").html("<div id=actiondivin><div>Loading...</div></div>");
$("#actiondivin").dialog({autoOpen:false, modal:true, title:"ReFax", buttons:{OK: function(){$(this).dialog('destroy').remove(); }}});;
$("#actiondivin").dialog("open");
$.ajax({type:"GET", url: "proxy.php", data: query, dataType:"html", success:function(msg){
$("#actiondivin").html(msg);
}
});
}
To get around this, I implemented a couple of lines as proxy.php to act as a proxy. Please note that I am only allowing it to be passed the urlid instead of a url to prevent it from becoming an open proxy. Also IP based filtering could be implemented to make it more safer. Have a look, maybe it will come in useful for you too.
<?php
isset($_GET["urlid"])?$urlid=$_GET["urlid"]:$urlid=1;
is_numeric($urlid)?true:$urlid=0;
$url[0]='http://www.url1.com/test/test.php';
$url[1]='http://www.url2.com/test/testactions.php';
foreach($_GET as $key=>$value){
if ($key!='url') $query[]=$key."=".$value;
}
if (count($query)) $querystring=implode("&",$query);
$fullurl=$url[$urlid]."?".$querystring;
$fp=fopen($fullurl,'rb');
$page = '';
if ($fp===false) die("Unable to open");
while (!feof($fp)) {
$page .= fread($fp, 8192);
}
fclose($fp);
print $page;
?>
0 Responses
Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.