Ajax Bible

You’ll find that if you try to access Google Suggest directly from an Ajax-enabled Web page that there’s going to be an issue: your browser will display a warning message in a dialog box. In other words, when an Ajax script tries to access a Web domain that it didn’t come from (such as www.google.com), browsers get suspicious for security reasons. (If it tries to access the domain it came from, there’s no problem.)

However, living with a warning dialog box each time someone uses your script isn’t an option, either. So what can you do? You’ll find all kinds of suggestions in the Ajax community, such as changing the security settings of your browser. Clearly, that’s not a viable option either; how are you going to convince your millions of users to alter their browser’s security settings?

The solution is to use a server-side script to access the sensitive domain for you. Because it’s not your browser that’s accessing that domain, there’s no problem. You already saw this at work with google.php, which is what accessed Google Suggest for you:

<?php $filehandle = fopen("http://www.google.com/complete/search?hl=en&js=true&qu=" . $_GET["qu"], "r"); while (!feof($filehandle)){ $download = fgets($filehandle); echo $download; } ?>

That’s the way to get around the problem. If you need to access a domain other than the one that your Ajax page came from, use server-side code to do the actual accessing.

Категории