Views

Mixendo cross-domain XHR

Contents

Introducing the Mixendo cross-domain XMLHttpRequest (XHR)

The Web 2.0 revolution has transformed the web into a vibrant, dynamic, always changing cauldron of services and data; building on this environment, the mash-ups paradigm mixes up data and services from different sources into new, compelling applications. It's the future of the web.

It's not that easy though. When you build your AJAX mashup application you are confronted with the browser enforced Same-origin Security Policy for the XMLHttpRequest() object, that forbids you to load a page from a different server than the one where your web application resides.

The Mixendo Cross Domain XHR is the solution: it provides a transparent mean to (selectively) enable Cross Domain XHR for your web application.

1. Try Mixendo cross-domain XHR

You can test a cross-domain XHR request right here (and check the #Tech Notes in case of trouble).

URL: Enable XHR:
experiment with response rendering here; beware to strip anything outside, and including, the body

You can disable our javascript and see the usual failure!

To test it on your own website you only need to add this javascript line to your page: 

<script type="text/javascript" src="http://api.mixendo.com/lib/xhr"></script>

and just keep on using the XMLHttpRequest object as you would usually do!

2. Register and get a Key

Please note that this is a demo-mode usage only. In order to fully unleash the functionality (and our Mixendo XHR Security) you will need to Register in order to get your own Application Key

3. Configure your mash-up sites

configure your web application permissions, by specifying:

  1. Your web applications domain names, so that your key cannot be used by somebody else on another website
  2. Your sources domain names, the websites that you want your application to connect to, so that the end user of your application trust is improved

4. Include your personal script on your website

<script type="text/javascript" src="http://api.mixendo.com/lib/xhr/APP_KEY"></script>

5. You are done!

Now, you can learn more about the Mixendo XHR or Mixendo platform...

And please let us know

More on Mixendo XHR

Tech Notes

Please bear in mind the following about using cross-domain AJAX requests. An XHR requests will get a full remote page; then, it is up to you to decide what to do with it.

In the demo on this page, the result of your XHR request is both put into a textarea to see it raw, and inside an iframe (not with src=, but with innerHTML!) so that you can see it rendered. We use an <iframe> instead of a simple
, so that the imported page will not break ours.

We would like to remind you that simply getting a distant page and rendering it inside a page element is of course not very useful, and prone to errors: images might not load, javascript code might produce errors or try weird tricks to get control (this is why there is a button to recreate the iframe!), etc. Since the page is rendered inside an <iframe> if you click on a link this will change the SRC attribute of the iframe; you are not using an XHR request anymore, you are now doing normal <iframe> navigation, and you do not have access to the <iframe> content anymore from this page (this is why there is a button to re-create the <iframe>).

Go check the other demos to better understand what you can do when you can do free AJAX requests; those are just simple ideas, but we have grandious ones that will come out soon; you can return to this page to play some more, exploiting the live JavaScript parsing to do some advanced text treatment on your XHR response.
Retrieved from "http://mediawiki.mixendo.com/wiki/Mixendo_cross-domain_XHR"