|
Home > Archive > Perlbal > January 2006 > [patch] and [plugin] Fixing AJAX limitations with PerlBAL
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
[patch] and [plugin] Fixing AJAX limitations with PerlBAL
|
|
| João Pedro Gonçalves 2006-01-06, 5:46 pm |
| Hi all,
One of the issues with XMLHttpRequest calls used in AJAX frameworks
is that you can only make requests to the same host:port pair that the
original request came from (Firefox on default settings).
This security feature is in place to avoid calls to insecure sites, but
what if you have different sites in your network that you trust
and you wish to make calls to them?
For instance, you have a Windows Web Service framework that you need to
access from a Javascript call on an Apache host.
This usually involves doing some reverse proxy tricks, so Perlbal may
solve this issue quite nicely.
The following Plugin, AJAXSelector, allows to configure a URL namespace
that is used to redirects the calls to another - configured - host:
So, having a Perlbal running on 'www.mysite.com', the URL:
http://www.mysite.com/reverseproxyn...ost.mysite.com/
file.html
calls instead
http://otherhost.mysite.com/file.html
The configuration to activate the example would be:
Load AJAXSelector
AJAX NAMESPACE reverseproxynamespace
AJAX HOST otherhost.mysite.com
Per each 'AJAX HOST' entry, one pool/service pair is created, using the
IP addresses associated with the name
to populate the pool.
This way, an application can make 'controlled' cross-site calls, based
on the list of trusted web sites.
Since this plugin manipulates the request_uri, i've added two patches
to allow write access to $headers->request_uri() in
Perlbal::HTTPHeaders and Perlbal::XS::HTTPHeaders .
Thank you for your comments,
João Pedro Gonçalves
SAPO
| |
| João Pedro Gonçalves 2006-01-06, 5:46 pm |
| Here's an updated version of the plugin, allowing to use either an URL
namespace or an HTTP header
added via the setRequestHeader() method in XMLHttpRequest .
A configuration using an http header instead of the URI namespace would
be:
Load AJAXSelector
AJAX HEADER X-reverse-host
AJAX HOST otherhost.mysite.com
A typical XMLHttpRequest call to set this would be:
req = new XMLHttpRequest();
req.open('GET', '/index.html', true);
req.setRequestHeader('X-reverse-host', 'otherhost.mysite.com');
req.onreadystatechange = function () {
if (req.readyState == 4) {
if(req.status == 200)
alert(req.responseText);
else
alert("Error loading page\n");
}
};
req.send(null);
Best regards,
João Pedro Gonçalves
SAPO
|
|
|
|
|