Brad Neuberg had developed this thing called Purple Include. http://codinginparadise.org/weblog/labels/purple%20include.html I don't know if it's a good idea or not but its very interesting and achieves this goal.
Glen On 8/27/07, Pops <[EMAIL PROTECTED]> wrote: > > > Hogsmill, > > The idea is simple, > > First you have to be able to PULL "something" from the other side that > when your web pages gets it, it RUNS something. > > Having this already in your web page: > > <script ... src="http:\\abc.com"></script> > > works, but only when you first load your page. > > The idea of AJAX is to allow you to dynamic add/do more stuff after > the page is loaded. > > Ajax has the security restriction to do cross domain because the AJAX > library implementations like jQuery are designed to "EVAL()" any > scripts that is part of the AJAX response.. This is dangerous because > all this can be done without your PERMISSION. > > But what if you trust the site? > > Using Javascript and DOM, youcan inject a SCRIPT tag into your web > page. Once you inject it, the browser will automatically run it. Call > this your "PERMISSION" block. Since you created it, not the remote > domain, you are giving permission to run something on your end. > > This is how you inject SCRIPT tag: > > var script_call = document.createElement("script"); > script_call.type = "text/javascript"; > script_call.src = "http://abc.com"; // <<<< REMOTE DOMAIN > $("head")[0].appendChild(script_call); > > Once you do this, the browser will run it. > > Now, it doesn't make sense if the "data" that is received from > http://abc.com > isn't javascript itself, and that part of this is suppose to do > something for you. > > So if it only had: > > alert("hi there!"); > > that is all you will get. It has to be meaningul so people use the > JSON format as a way to pass data to you. Its doesn't have to be, but > its a easy format to use. > > The script that comes from http://abc.com can have one line: > > ProcessData(json_data) > > ProcessData() can be your function that you already have or it came in > the block too: > > function ProcessData(json) { > ... > } > > ProcessData(json_data) > > Remember, it doesn't have to be json: > > function ProcessData(s) { > alert(s); > } > > ProcessData("hi there") > > JSON justs give you a easy format to pass data. > > Once youi get the data, you can "paint" it into your web page > dynamically. > > So thats pretty much it. > > -- > HLS > > > On Aug 27, 4:29 am, hogsmill <[EMAIL PROTECTED]> wrote: > > Hi Jon, > > > > Cheers for that.... > > > > 1) When is 1.2 out? > > > > 2) I'm quite comfortable using JSON, so that's excellent news. When > > you say 'working with scripts', tho', what do you mean, exactly? Do > > you mean just JavaScript, and not PHP, etc., or something different? > > > > Cheers in advance, > > > > On Aug 26, 9:17 pm, "John Resig" <[EMAIL PROTECTED]> wrote: > > > > > Unfortunately, no. This is a limitation in all browsers in order to > > > limit security concerns. In jQuery 1.2 you'll be able to do > > > cross-domain Ajax, but only if you're working with Scripts or JSON > > > data. > > > > > --John > > > > > On 8/26/07, hogsmill <[EMAIL PROTECTED]> wrote: > > > > > > Hi All, > > > > > > Has anybody used jquery for cross-domain xmlHttp (AJAX) requests? Is > > > > this supported by jquery. > > > > > > When I say cross-domain, I mean (say)http://abc.comdoingan xmlHttp > > > > request tohttp://def.com > > > > > > Cheers in advence- Hide quoted text - > > > > > - Show quoted text - > >