Opened 10 years ago

Closed 9 years ago

#10995 closed enhancement (invalid)

Cross domain posting methods don't support postData/putData

Reported by: sgourley Owned by: James Burke
Priority: high Milestone: tbd
Component: IO Version: 1.4.0
Keywords: Cc:
Blocked By: Blocking:

Description

Is there a limitation on this or why is this not supported?

Change History (7)

comment:1 Changed 10 years ago by Adam Peller

Component: InternationalizationIO
Owner: changed from Adam Peller to James Burke

comment:2 Changed 10 years ago by James Burke

severity: majornormal

sgourley, if you can attach a test that demonstrates the failure, that would be useful. dojo.xhr does not not limit the data based on the url. Or are you using dojo.io.script instead? dojo.io.script can only use GET requests because it uses script tags with URLs. Some example code would help understand the issue.

comment:3 Changed 10 years ago by sgourley

well io.script doesn't support post. io.iframe.send supports post but not putData or postData. My issue is I'm trying to make a dojo.rawXhrPost with postData work cross domain and I can't use iframe.send since it send form key value pairs and not json post data. Same goes with the dojox options.

-steve

comment:4 Changed 10 years ago by James Burke

Normally any cross domain XHR calls only work in the more modern browsers, and even then, POST/PUT calls may be subject to pre-flight requests to the server to validate they are allowed. And IE does not allow cross-domain XHR calls via the XMLHttpRequest object but through a different object, XDomainRequest or something like that.

So in short, a cross-domain raw post XHR call in a cross browser fashion is going to be difficult to set up, outside the postData concern. The server auth check the browser will do beforehand being the first hurdle.

So do you have an xdomain request that works with a server, and just have a problem with postData, or are you wondering in general how best to do an xdomain call sending raw post info?

If you have a server that does the right thing for xdomain responses, then please attach an HTML/JavaScript test case that has the call that fails in Dojo.

If you are wondering how best to do a raw POST xdomain call with dojo tools, I believe we probably do not have a robust solution for that. The simpler path would be setting up a server proxy to do the request on your behalf.

comment:5 Changed 10 years ago by sgourley

Ok just to clarify, in testing I was using dojo.RawXHRPost but now I want to deploy my widget so others can use it and therefore I need to remove the rawxhrpost with postData and replace it with something that has cross domain postData support.

"Normally any cross domain XHR calls only work in the more modern browsers, and even then, POST/PUT calls may be subject to pre-flight requests to the server to validate they are allowed. And IE does not allow cross-domain XHR calls via the XMLHttpRequest object but through a different object, XDomainRequest or something like that."

-I'm not trying to do xhr cross domain. Sorry for the confusion.

"So in short, a cross-domain raw post XHR call in a cross browser fashion is going to be difficult to set up, outside the postData concern. The server auth check the browser will do beforehand being the first hurdle."

-I want to replace the raw xhr post with io.script or io.iframe that will package the data like the raw xhr post did.

"So do you have an xdomain request that works with a server, and just have a problem with postData, or are you wondering in general how best to do an xdomain call sending raw post info?"

-I currently have a same domain xhr post using postData that works with a server but I would like to replace the xhr method with a supported xdomain method ie: io.iframe.send. But this has proved problematic since there is no postData property on iframe.send.

"If you have a server that does the right thing for xdomain responses, then please attach an HTML/JavaScript test case that has the call that fails in Dojo."

-If i change my xhr post to iframe.send my webservice returns a 400 bad request since xhrpost with post data sends a json object and iframe.send send form keyvaluePairs

"If you are wondering how best to do a raw POST xdomain call with dojo tools, I believe we probably do not have a robust solution for that. The simpler path would be setting up a server proxy to do the request on your behalf."

-I think this is the meat of my question. Are there limitations to why iframe.send doesn't have the postData property? I don't know exactly if I need to do a raw post but I just want to post a json object xdomain to my webservice. I can post some images i have of the problem or we can chat in the dojo irc if you want.

comment:6 Changed 10 years ago by James Burke

The main issue is that the iframe post as used by dojo.io.iframe only works with form posts. So the data would have to be something that could be expressed as URL-encoded form data. AFAIK, there is not another way to force a POST in the browser without using a form (which is what dojo.io.iframe uses under the covers), or to use an XMLHttpRequest.

So can your postData be expressed as a regular form post? If so, then just using the content: argument to the dojo.io.iframe/dojo.xhrPost should work for both cases.

Note however that while the dojo.io.iframe will be able to post the data in that form to the remote server, you will not be able to read the response, since the response comes back to a frame that is on another domain than the main page, and that runs up against the browser's security policy.

So if you want to be able to read the response, then dojo.io.script is your best bet, but it is limited to GET requests that have normal URL parameters.

comment:7 Changed 9 years ago by James Burke

Resolution: invalid
Status: newclosed
Note: See TracTickets for help on using tickets.