cross domain request sample

Feb 14, 2011 at 4:33 PM

Hi,

could you please provide sample for cross domain request using the datajs ?

currently the same code that works on chrome and firefox does not work on IE using JQuery package, any recommendation ?

thanks

Feb 14, 2011 at 5:11 PM

Hi fadihaik,

Is it possible you’re using IE6 or IE7 (or a later version in compatibility mode)? IE6 and IE7 do not have native JSON support so you’ll need to add an additional script reference to https://github.com/douglascrockford/JSON-js/raw/master/json2.js for cross domain requests.

<script type="text/javascript" src="https://github.com/douglascrockford/JSON-js/raw/master/json2.js></script>

If that doesn’t resolve the issue, please let me know (and please include the error you are seeing and the version of IE).

-Beth

Feb 15, 2011 at 3:23 PM

Hi Beth,

as far as I understand the options for cross domain requests are

  • Have the web server provide a relaying mechanism to redirect requests to the appropriate OData endpoint.
  • Use an XDomainRequest object. This option is not available in all browsers.
  • Use cross origin XMLHttpRequest object. This option is also not available in all browsers.
  • Prompt for consent on first use. This option is not available in all browsers and generally provides a poor user experience.

but unfortunatly XDomainRequest supported only in IE and XMLHttpRequest is not supported in IE ( but supported in many other browsers)

which means probably should be kind of generic solution that checks if IE /  XDomainRequest supported and use the right way to do the requests.

I wonder if such generic solution should not included withen datajs ?

beside that jquery so far does not support XDomainRequest maybe we should put effort there ?

Thanks in advnace,

Fadi Haik

Feb 15, 2011 at 3:35 PM

Hi fadihak,

I would recommend the use of a ProxyServlet or something similar that does the relaying for you. I would say that it's not the task of a library to cover cross domain requests. That are security related questions. JQuery also doesn't do it. But I may be wrong here ;)

Feb 16, 2011 at 6:37 PM
Edited Feb 17, 2011 at 9:08 PM

Hi fadihaik

We appreciate your feedback and yes we have thought on providing some more general mechanism to support cross domain requests;   the thing is that doing so involves certain security risk. That's the same reason why we disable JSONP support for cross domain reads by default. We consider this to be a more advanced scenario and expect the developer to consciously enable cross domain requests in the application if needed. To do this you have also the option to replace datajs http client stack with a custom one that supports cross domain requests using XDR if the XDR object is available and cross origin XMLHttpRequest otherwise. The library offers you two ways to use a custom http client.

1. Inject a custom httpClient object as a parameter in the call to OData.read  or OData.request:      

 OData.read("http://someUri", function success(data, response) {}, function error(error) {}, null, customHttpClient);   

2. Replace the defaultHttpClient;

var oldHttpClient = OData.defaultHttpClient;
OData.defaultHttpClient = {
    request: function (request, success, error) {
        /// Custom http client implementation.
    }
};
 

Regards,

Alex Trigo.

Mar 18, 2011 at 7:11 PM
Edited Mar 21, 2011 at 8:43 PM

Alex,

what would a custom http client look like - I am trying to call a dataservice that lives on a different host but in the same domain.

Any examples/links to point me in the right direction would be great

thanks
Michael

EDIT: FOUND SOLUTION

I ended up using JSONP by implementing the JSONP extension for WCF Data Services http://archive.msdn.microsoft.com/DataServicesJSONP

works great - the service I am calling is on our own servers so JSONP in-security really is not a concern for our scenario.