Yeah, I guess that makes sense. Thanks for the suggestions. In fact I
should be able to bring all my services under one domain so I'll just do
that. It was a misguided attempt to improve security by keeping my
servers separate that brought me here in the first place!
On 2013-01-26 23:51 , Jerome Velociter - [email protected] wrote:
Hi,
Indeed you are hitting the standard "same origin policy".
You have 3 possibilities to circumvent it :
* With JSONP requests - if the server supports them, and only for GET
requests [1]
* With CORS/pre-flight requests - if the server support them [2]
* With a proxy (for example a page on your wiki) that does the URL GET
or POST, and you hit the proxy with your Ajax requests.
Hope this helps,
Jerome
[1] http://en.wikipedia.org/wiki/JSONP
[2] http://en.wikipedia.org/wiki/Cross-origin_resource_sharing
Le 26/01/13 05:03, [email protected] a écrit :
Hi,
I want one of my pages to make a post to another site and insert the
results into its page. Right now I've got a JavaScriptExtension that
looks like:
function doquery() {
new Ajax.Request('http://mat.exon.name/test.php', {
method:'post',
parameters:{
'arg' : document.getElementById('thearg').value,
},
});
return false;
}
I find that this does an OPTIONS request, but not the intended POST.
If I change the URL to a local page, the POST goes through as
intended. Am I tripping up over some kind of XSS defense, and is
there some way to turn it off?
_______________________________________________
users mailing list
[email protected]
http://lists.xwiki.org/mailman/listinfo/users
_______________________________________________
users mailing list
[email protected]
http://lists.xwiki.org/mailman/listinfo/users
_______________________________________________
users mailing list
[email protected]
http://lists.xwiki.org/mailman/listinfo/users
