Henry Minsky wrote:
Unfortunately, browser DHTML is even more restrictive than swf,
because there is no equivalent of a "crossdomain.xml" file
that you can put on a server to allow cross domain XML data loading.
The browser security settings are
very conservative, and access to 3rd party sites via script is not
allowed by default.
In order for an application to access XML data from a 3rd party site,
you must use some sort of a proxy
service to get the data, via the same server that your application
originally downloaded from.
Just a tip in case someone will google for this in the archives:
When accessing XML files (especially with dynamically generated ones),
you also need to set the Content-Type header to application/xml.
Otherwise, you'll get permission errors if you don't. =)
If you need to write a proxy script in PHP, there's a good curl library
at http://github.com/shuber/curl/. I wrote one based on it (but not for
OL apps) a few weeks ago and it was really simple. =)
I don't know of any easy way around this security limitation. There
are some proposals out
for standardizing a kind of crossdomain.xml file for DHTML, but I
don't know which browsers
support that yet.
Now that I think about it, I suppose it would be possible to embed a
tiny Flash application that
could do XML data loading, and communicate with it via the
Flash->browser communication API,
in order to at least load data from sites that have a crossdomain.xml.
I don't think anyone has done
that yet.
Regards,
[ simon.cpu ]
--
And /usr/games/fortune futurama says:
Bender: Yeah, well I'm gonna build my own lunar space lander!
With blackjack aaaaannd Hookers! Actually, forget the space
lander, and the blackjack. Ahhhh forget the whole thing!
