Skip to Main Content
Adding Ajax
book

Adding Ajax

by Shelley Powers
June 2007
Intermediate to advanced content levelIntermediate to advanced
400 pages
9h 52m
English
O'Reilly Media, Inc.
Content preview from Adding Ajax

Endpoints, the JavaScript Sandbox, and Widgets

The use of XMLHttpRequest has one significant limitation: the same-domain restriction. A request through this object can be made only to the same domain from which the page was first requested, a key part of the JavaScript security sandbox (you can play only in your own "sandbox," thus avoiding the chaos that could result if code could connect anywhere). Among the reasons for this restriction is to ensure that the web page that contains the XHR request can't be used by a malicious site to access resources on a company intranet living behind a firewall. There are ways around this restriction, such as through signed script or setting security parameters in the browsers, but these options are being phased out as new browser versions are released.

Cross-domain access restrictions aren't normally a problem in a web application. After all, most of the web services are accessed from the same domain. In addition, if data is pulled from another domain, we can create proxies—server-side applications that access the data and then pass it on to the client—to assist us.

There is one circumstance, though, where we can't depend on the server to manage the data access of external data for us: the use of widgets.

Widgets have a history on the desktop and other environments, but they are fairly new in web development. Widgets are small objects, usually embedded in a sidebar, that provide a simplified application or access to data, such as getting weather ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Ajax: The Definitive Guide

Ajax: The Definitive Guide

Anthony T. Holdener III
Ajax Design Patterns

Ajax Design Patterns

Michael Mahemoff
Web Development with JavaScript and Ajax Illuminated

Web Development with JavaScript and Ajax Illuminated

Richard Allen, Kai Qian, Lixin Tao, Xiang Fu

Publisher Resources

ISBN: 9780596529369Supplemental ContentErrata Page