I'm trying to set up a system similar to Google AdSense that allows other websites to display some HTML content from my site on theirs. I've looked at the show_ads.js file Google uses to display Ads but to be honest I've not found it easy to decipher. I've also read that using a <script> tag to load a JavaScript file from my site is simpler than trying to do do this with an AJAX request. it discusses returning JSON rather than HTML.
BTW I know I could use an iframe to achieve something similar but this won't give me the result I need because the content coming from my site will contain a link back to my site and I want the link to be registered as an inbound link to my site for SEO reasons.
I'm working on a project at the office that pulls together a bunch of our websites into a portal thing and adds a better search engine. We're also trying to accomadate newer browsers (Netscape 7.2, Firefox, Safari) and are having some problems. The websites run on different servers, all of which we control, so we are setting the document.domain = "ourdomain.com"; in some javascript on ever page. However, we're having problems. We use popup windows for some things, and sometimes these popups want to 'populate' the parent frame window with a new page as a result of a user selection on the popup.
This works most of the time, but not always. For instance, in Netscape 7.2 it just seems to fail with an "access denied..." error in javascript. In Firefox and Safari it opens a new window and populates that instead of populating the original parent window. Can anyone point me at some definitive information about the document.domain property and how to use it effectively?
since a few days i try to load external html content from another domain. obviosly it is hard to access cross domain content wit javascript ajax methodes. first i' ve tried iframes but access denied. after that I' ve tried $.ajax but all request returned zero byte data from server. here is a way that seems to work but raise an error while processing data from text to json object
i can see the server response in firebug and it requests the html data. but as i sayd i raise an error while converting to json. any chance to get raw data before jquery konversion? or maybe any other way (s) to request html data in text format from cross domain?
Is there any way to resize an iframe dynamically to the height of its content that works cross browser and works when the iframe content is on another domain than the main page (I have access to both pages, so code can be put in either) Also, it must resize when links in the iframe are clicked (ie when a new page within the iframe is loaded)
Is it possible to run an HTML file from "localhost" and bypass the various security checks in place for cross-frame scripting? For example, on a 2-frame page loaded locally:
a) frame 1 includes a form that accepts the name of a web site (example: www.foo.com), which a script or perhaps a "target" attribute then loads into frame 2 b) frame 1 waits for frame 2 to load, then reads (for example) top.frame2.document.images.length and displays the total in frame 1
I realize that "localhost" is not going to match the domain appearing in frame 2, but as I myself am running the script, logically, where is the harm?
I haven't done much testing with this yet, but am planning an application around this concept and am hoping I can make it work. Any pointers?
I need to html encode all text field values on the client just before sending them to the server. A javascript equilalent of Server.HTMLEncode in IIS. I also need to be able to perform the reverse.
All I am trying to do is ensure that if a user enters html tags in the a form, that the tags does not get parsed by the browser.
I'm fairly new to javascript and JQuery so please bear with me. I've written a simple app using JQuery whose purpose is to select the fastest mirror site. To this end I use several $.ajax calls - one to each mirror site -and I don't do anything with the data I get from these, I only use the order in which they respond to sort the sites from fastest to slowest. I'd share the code, but really the only thing it does is call the $.ajax function and append a line in a table using the success: callback. This works perfectly fine for most browsers, except IE which throws the 'access is denied' error. I know about cross domain restrictions and understand the reasoning behind - my plan was to put my script in the 'trusted' zone and enable the required options to bypass the problem as this will be used in a controlled environment, but no matter what I try my code won't run in IE. Some of my mirror sites are indeed in a different domain. What I have trouble understanding is why all other browsers (FF, Chrome etc), with their default configuration, allow my code to run flawlessly? If the reasoning behind IE blocking this is correct, then why do others allow it? Also obviously for my purpose using a server-side proxy makes no sense as I want to test the sites from the client side, not from the server. I've also read about other work arounds such as JSONP but unfortunately the sites that I'm testing cannot support this. But once again, what I'm really wondering about is why my code works flawlessly in other browsers..
I'm new to this group, and after doing a lot (and I mean a LOT) ofsearching, I can't find an answer for my problem:I'm basically trying to do a simple $.getJSON, and the setup issimple:Firefox 3.5 MacOSX, latest jQuery (1.3.2)the json file named "myjson.json" (I've reduced its contents to itsminimum for testing purposes and it validates in JSONLint):
{"result": "true"} The javascript: $.getJSON('http://site1:8888/myjson.json', {}, function(data) { alert
I'm building a web app that provides music information (i.e. info on artists, albums, songs, etc.) and for the info source I'm using the MusicBrainz API.
Now, I'm trying to load the data from an API call and process it, with jQuery.
This is the code I'm using:
With 'queryString' being the URL string for the request, and then I'd proceed to read the data out of the 'xml' object. Fairly simple.
However, this is where problems arise. The code works flawlessly when running locally on my computer, but does not work at all when I upload everything to my web server and try to run it there. I did some reading and have discovered that AJAX calls can't be made across different domains, due to security issues.
So I've read through numerous solutions, but almost all require either something with PHP (which I have absolutely NO knowledge of) or grabbing the data in JSON format (which apparently isn't subject to the same security restrictions). However, my main problem is that the MusicBrainz API does not return data in JSON format (in fact the only format it returns is XML).
The following topic had driven me nuts for a few hours. I have been reading article after article trying to get this to work, with no luck. Lets start with what im trying to do.I am making a JS file that people can link on their webpage, and will create tooltips on links (from data from my database). Ok np. I have a php file for testing.
Code: $item = $_GET['item']; if ($item == "test") {
I'm trying to dynamically set the height of my Iframe. my https: main page is calling another https in an Iframe. But i get an access denied error from my javascript trying to call the parent document.
Main https page <IFRAME APPLICATION="yes" style="width:100%;" id="iframename" frameborder="no" scrolling="no" SRC="https://www.otherdomain.com">
otherdomain.com html ------------------------------------------------ <script> function bodyheight() { x = document.body.scrollHeight parent.document.all.iframename.style.height = x } </script>
We have a javascript that is vulnerable to XSS because the input to the script is not being checked for strings such as "javascript", "eval", "script" etc. I have seen some snippets of code here and there on how to check the strings but I have not yet found a comprehensive js library that will clean user input of all offending characters. What complicates it is that phishers can encode characters to bypass the usual amateurish attempts to clean strings of offending characters.
I have two websites. One is my mediaWiki, and one is my production site.I would like to use the mediaWiki APIand $.post() to login to the wiki and retrieve pages from the Wiki.
I need to send XML / XML string to a web service cross domain.I have a JavaScript function that creates the XML by selecting the fields on the page and formatting the values into the required XML document. The HTML page is running on the users local machine but need to send the XML to a public secure (SSL) web service (ASMX) that has one argument of type string.I have tried to come up with a solution and the only one that is currently working is JSONP with GET. But this results in the data being send as part of the query string and is in clear view, thus beingintercept-able.
I am recentlyexperiencinga problem with .ajax calling cross domain asp.net webservice. It started working fine, until the data returned from server is becoming too big and suddenly the ajax call caused errors, if i reduce the data length then the error went away. After doing some debug, i have identified the problem being the callback was inserted into the returned data.
Is it possible to use $.ajax to call an external web service directly, or do I need to write a dot net server-side wrapper to consume the web service, then call the wrapper from jQuery ?
I have attempted a direct call as shown below, which works fine in IE but generates an error in Firefox, which I presume relates to the cross-domain scripting issue.
Yet, when i made the json calls(cross domain), it just return me nothing. However, under the same domain, I got the pop-up alert and return me the relevant data. But getJSON is suppose to be feasible across all domains irrespective of the same-origin policy.
I'm trying to load google.com from a test html page using jQuery-1.5.1 but unable to do it.I've tried all the 3 methods listed but to no success.Below is the code snippet for the same & the output that I'm getting.
