Skip to main content

How to work around the limitations set by Same Origin Policy...

Last week, I wanted to make some Ajax requests from a page generated by some web application to another web application. These two applications are hosted in two different servers, with different domains. To do this type of a thing, you can't use a normal method because of the limitations set in place by "Same Origin Policy".

Same Origin Policy is a security concept for client side programing languages. This policy prevents the client side scripts accessing the pages from different web sites. For an example, if your application is hosted in the "hostA" and a client side script of your application wants to send an Ajax request to a another application that is hosted in "hostB", then this request will be prevented by the Same Origin Policy. To be able to make that type of a request, both host and protocol should be same, according to the Same Origin Policy.

For more details :
http://en.wikipedia.org/wiki/Same_origin_policy
https://developer.mozilla.org/En/Same_origin_policy_for_JavaScrip

There are few methods listed below to work around this limitation. 
  • With html5 there is a method formalized for this, but it supports only in the newest browsers. 
  • Cross Origin Resource Sharing (CORS) : This is a way of enabling open access between cross domains by making the server to be accessed by the pages of other servers. This is an excellent guide for this method: http://enable-cors.org/
  • JSONP : This provides a method for requesting data from a different server with a different domain. For more details: http://en.wikipedia.org/wiki/JSONP  
When I was researching about these, I found an extremely cool JavaScript library called "easyXDM", which is developed by combining above methods. I highly recommend that library for anyone that wants some work around for the cross domain requests.

More details:
http://easyxdm.net
https://github.com/oyvindkinsey/easyXDM
Labels:

Comments

Post a Comment

Popular posts from this blog

Common Characteristics of Enterprise Applications

Last week, I was conducting a tech talk about “Architectural Patterns of Enterprise Applications” with our team. The discussion was mainly based on Marin Fowler's famous book “Patterns of Enterprise Application Architecture”. So, I thought, it's good to write something about that in my Blog. Given below are few common characteristics of Enterprise Applications. If any software product has the following characteristics, we can identify it as an Enterprise Application. These ware originally documented by “Martin Fowler”, in his book “Patterns of Enterprise Application Architecture”. Persistent Data - Enterprise applications usually involve persistent data. The data is persistent because it needs to be around between multiple runs of the program—indeed, it usually needs to persist for several years. Also during this time there will be many changes in the programs that use it. Lot of Data - There's usually a lot of data, a moderate system will have over 1 GB of data organ
Post a Comment
Read more

How to avoid those little issues one can get when creating new projects with Zend Framwork...

CSS styles my not apply to the templates : Some times this happens when you haven't created a virtual host for the application. After the virtual host is created styles will apply properly, or just use some url helper like "baseUrl" when linking the style sheets to the templates. Error messages when using the commands like "zf enable layout", "zf create db-table ....", "zf create model ...", "zf configure db-adapter", and "zf create action ...." etc... You may get error like "Action 'enable' is not a valid action", "Action 'configure' is not a valid action"......... etc... Reason for this may be, the Zend library is not in the include path. If so add the library path to the include path. Or check whether there are old libraries in any directories of include paths that conflicts with the new one. Check whether there is a one as a PEAR package. And check whether the "zf" c
Post a Comment
Read more

How to create a waveform animation with HTML and JavaScript

Recently, for a pet project, I wanted to create an animation of a waveform based on the varying decibel level of the microphone input. I was thinking about a really simple way to accomplish this with SVG and JavaScript. Given below is the first sample code I did on the Codepen. You can change this code to use with any framework of your choice. For this sample code, I am using a random number as the microphone input. You can replace it with any other time based input. Code Pen : https://codepen.io/nadeeth/pen/vmaYXw For this example, you need an HTML code snippet like the one given below. It’s just an SVG with a Polyline element inside.  <div style="text-align:center">   <svg height="150" width="400" id='svg'>     <polyline id="polyline-id" fill="none" stroke="#005c66" stroke-width="1" />   </svg> </div> And then the plain Javascript code to animate the polyline. You can
Post a Comment
Read more