Call A Public Script From A Domain Securely?
Jan 15, 2009
I want to call a script from one domain in another domain. How can I *guarantee* that the page calling the script is from my domain and not some hacker/malicious user?The context is that I'm writing my own commenting system, like disqus or intensedebate. They use javascript to imbed your comments (stored on their site) in your site.
Here's how intensedebate's "generic" approach works: You imbed this code into your page:
Code:
<script>
var idcomments_acct = 'YOUR ACCOUNT ID';
var idcomments_post_id;
[code].....
The problem is that anyone has access to your accound ID by just looking at the HTML source, so anyone can bomb your account...
View 1 Replies
ADVERTISEMENT
Dec 1, 2010
I wish to make an AJAX call to a script on a different domain - realise this is a security problem, but is this at all possible?
My client is embedding html web pages into his ebay listings, and he wants to centrally update the product information. Maybe there is a different / better way to go about this?
View 3 Replies
View Related
Dec 2, 2010
How know that for ajax call to different domain applies the same domain policy, but is there anyway to get around this using the cluetip plugin?
View 3 Replies
View Related
Jun 16, 2011
To make cross domain calls when json is required (JSONP) is easy
Code:
$.ajax({
url:"testserver.php",
dataType: 'JSONP',
success:function(json){
[Code]....
I see the XML comming in as a string argument of 'myCallback', but ist never called. Also 'success' is never called!
View 3 Replies
View Related
May 25, 2010
I am recentlyexperiencinga problem with .ajax calling cross domain asp.net webservice. It started working fine, until the data returned from server is becoming too big and suddenly the ajax call caused errors, if i reduce the data length then the error went away. After doing some debug, i have identified the problem being the callback was inserted into the returned data.
[Code]...
View 6 Replies
View Related
May 18, 2010
Is it possible to use $.ajax to call an external web service directly, or do I need to write a dot net server-side wrapper to consume the web service, then call the wrapper from jQuery ?
I have attempted a direct call as shown below, which works fine in IE but generates an error in Firefox, which I presume relates to the cross-domain scripting issue.
$.ajaxSetup({ cache: false });
View 2 Replies
View Related
Aug 1, 2010
I'm doing a JSONP query of a Wordpress database. Example call:[URL].. This code returns the expected data when executed on my local server. It also returns the expected data when I upload it to one of my remote servers. But it fails when run from the root of the domain it's calling, [URL]... no data is returned. (Behavior is the same for latest versions of Firefox, Safari, Chrome.)
I think there's something really simple going wrong here but don't know what it is. The only clue I have is provided by Firefox: When run successfully, all of the GET's appear in the JS subpanel of NET. The failed calls, launched from the domain containing the database, are listed in the XHR subpanel with a status of "301 Moved Permanently".
View 4 Replies
View Related
May 4, 2011
I trying to make a call to an external domain using $.ajax() and it WORKS, the server receives the call, but the response in firebug errors out in jquery.js line 7760. I've been beating my head at this all day and don't feel like I've made it much further.
I suspect it has something to do with the dataType or type of the request. But I've tried all kinds of things from POST to GET to JSONP in the type. For dataType, I've also tried "html", "text", "xml", "json", and even some combos of "text html" but no success.
[Code]...
View 13 Replies
View Related
Jul 12, 2010
All I'm doing righthere is calling a Perl script on an intranet server and using the xml results to popluate a <select> element. This works on my machine but a co-worker is getting a "Permission Denied" error when this function is executing onReady
function
populateGroups(){
var p = 1;
var groupNames = new
Array();
$.ajax({
type:"GET", .....
I had him run a tracert to that server and we all connected through the same network devices... And this works on a couple of other co-worker's computers. He also does have access to that server so that he can type in the url and get the xml results...
View 1 Replies
View Related
Apr 9, 2009
I'm writing a web page, which should interact with pages on another server using an iFrame. I want to use a form on the parent page to post to the URL on the iFrame and capture the response, without reloading the parent page.
Here are the details:I have a FORM on the parent JSP page, with some session data in hidden fields. The point to note is that the whole session data is on the client side, in encrypted form. This data should be posted to the server for each request, synchronous or asynchronous.Now, I need to call an application on a server on a different domain. For this purpose, I am using an iFrame. The session data in the parent page should also be passed to the application in the iFrame.
View 2 Replies
View Related
Jul 31, 2011
I couldn't do a xmlhttp.open("GET" [url] true)
The problem was something along the lines of the script not being allowed to call a page from another domain or something..
View 1 Replies
View Related
Jan 4, 2012
I am doing some development using jQuery $.getJson lately and found the following weird scenario.
1. open google chrome without any argument then load a local html file.
2. the local html file will need to have $.getJson[url] .... bla bla bla and jQuery.support.cors = true.
3. data will get loaded
But if you try to load the exact same json data from other domain or localhost, it wouldn't works.
View 1 Replies
View Related
Oct 28, 2011
I need to send data through POST to other domain.
My script is:
But I am still getting the error XMLHttpRequest cannot load [url]. Origin [url] is not allowed by Access-Control-Allow-Origin.
XHR finished loading
I set in the destination
I don't know why it dosen't work.
View 2 Replies
View Related
Jun 7, 2009
Is it possible to capture the domain change event OR domain of the target site in javascript? To elaborate, suppose I am on my site (www.mydomain.com) and if I type www.someotherdomain.com in the address bar, I want to capture the target URL/domain i.e. someotherdomain.com in the javascript code of my site (mydomain.com). I am trying to call sign-off function of my site upon customer navigation to some other site without loggin off. I can not use body/window onUnload function because I have a common layout JSP that would be reloaded for each and every page. So I am trying to capture the URL/domain of target site and check if it is different from teh current domain; Then only I will call my sign-off function to kill the customer session.
View 2 Replies
View Related
Jan 5, 2010
My form works just fine when testing on my local machine, but when I upload everything to the public server the form does not validate.
View 1 Replies
View Related
Nov 13, 2001
We have a form on our website, which ends up being sent to an e-mail address. The only problem is that some people access this form using public computers. When they press submit , the Internet Mail Wizard pops up and tries to make them setup a new account. Obviously because they are using a public computer we can't have them setting up e-mail accounts on that computer.
View 3 Replies
View Related
Apr 23, 2009
I've got a plugin which is structured as follows:
(function($) {
$.fn.MyFunction = function(o) {
// Here we have some parameters
return this.each(function() {
[Code].....
So what I'm looking for is how to reference MyExternalFunction from my html script. I've tried simply using MyExternalFunction(index) but I get function undefined.
View 6 Replies
View Related
Dec 31, 2011
This question applies to javascript generally as opposed to jQuery specifically. I want to be able to structure my scripts into classes, then create them using the "new" keyword, but here is the important bit: How do I make a js function private (or public for that matter)?
View 4 Replies
View Related
Mar 26, 2010
so I figured I can track one page of the private website (intranet) through Google Analytics. The way I do this is by creating a page on a public website with just GA code, then putting a 1px x 1px iframe on the private website.
[Code]...
View 2 Replies
View Related
Sep 20, 2006
I've spent several days trying to work this out. Maybe I'm just
searching for the wrong keywords/phrases.
I have some code that looks like:
[-- snippet starts --]
Console = new Object();
Console.init = function() {
this.STDIN = document.getElementById('console0_stdin');
this.STDOUT = document.getElementById('console0_stdout');
// set styles on the element references, eg:
this.STDIN.style.width = ï`%'
this.STDOUT.style.width = ï`%'
}
Console.focus = function() {
this.STDIN.focus();
}
Console.writeln = function(buffer) {
this.STDOUT.value += "
" + buffer;
}
[-- snippet ends --]
I'm not sure why, but the Console.focus() and Console.writeln() methods
just don't seem to be able to use the DOM references stored in
Console.STDIN and Console.STDOUT. Everything's fine in the
constructor, but other methods can't seem to use them.
View 8 Replies
View Related
Jan 4, 2010
I've just developed a plugin that mimics the combo box control, albeit it's a special one. That's being defined as follows:
function
$
{
$.fn.extend
{
[Code].....
But this isn't possible, since the $myList variable is a jQuery object. So I just defined some functions, say, $.smartList.getSelectedValue and the like... but in this approach, I've to pass the jQuery object to this functions as a mandatory parameter and this really sucks. i.e., I need to get the selected value of $myList this way:
var value = $.smartList.getSelectedValue
$myList
;
View 2 Replies
View Related
Feb 27, 2009
I'm about to start a project where the application is one used on a publicly accessed machine. It could be like, say, a ticket purchasing application in a kiosk machine; or maybe touch-screen app that tells grocery shoppers which aisle has coffee, etc.
So my question is, can javascript (or some other language?) be used to open a window without any controls (toolbars, menubars, titlebars, frame, etc) so that the user can't close the application (or resize, change, etc.)?
View 5 Replies
View Related
Jan 15, 2010
i need to post data from a form to a page on another domain, without leaving the current page.I am using ASP as a server language.
View 9 Replies
View Related
Oct 22, 2009
IM NEW AT THIS AND I'M WORKING ON MY FIRST WEBSITE. I USED iWED AND I DON'T UNDERSTAND WHY IT WON'T WORK. WHENEVER I TRY TO OPEN IT IT SAYS: Parse error: syntax error, unexpected T_STRING in /home/a2460084/public_html/beto/index.html on line 1
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">[code].....
View 3 Replies
View Related
Aug 3, 2006
I'm trying to do something, but I don't know if it's possible.
Basically, I want to have a public static class method that could
access a private object's method. I would like to be able to do :
Class.method(InstanceOfClass);
The method would then access a private function from Class by doing
something like
function method(param) {
param.privateMethodOfClass();
}
I've done a lot research and experimentations but just can't come up
with a solution... I don't even know if what I'm trying to do is
possible.
View 4 Replies
View Related
Apr 30, 2010
I need to make a $.post call on the beforeSend event of another $.ajax call.I read the documentation and I see that if the beforeSend return false the ajax call will be interrupt.So I made this code but doesn't work, because the real value of the beforesend function isn't true or false, is the value of the post.I have to do this because when you click on a link I need to verify before if you are able to do this via db permission of my webapp.I think you don't understand...This is the code:
$.ajax({
async: true,
beforeSend: function(){[code]....
});I see always the alert of success event, so the return of the beforesend is not correctly done.
View 3 Replies
View Related
