
greg said:
what's cors?
sorry, i just assumed you would know. also, have you heard of google? or wikipedia? top hit at google:
basically, this python program retrieves the e-text just fine:
#!/usr/bin/python import urllib print 'Content-type: text/html\n'
f=urllib.urlopen("http://snowy.arsc.alaska.edu/gutenberg/3/3/3/3333/3333- 8.txt")
s=f.read() f.close() print s
but on the other hand, this (defanged) javascript will _not_ get the file:
!doctype html> html> head> meta charset=utf-8 /> title>CORS example /title> script type="text/javascript">
var client = new XMLHttpRequest();
client.onreadystatechange = function () { if (this.readyState == 4 && this.status == 200) { alert('' + this.responseText.substring(0,30)); } };
client.open('get', 'http://snowy.arsc.alaska.edu/gutenberg/3/3/3/3333/3333-8.txt');
client.send(); /script> /head> body> p id="hello">cors_snowy /p> /body> /html>
the error-log reports:
XMLHttpRequest cannot load http://snowy.arsc.alaska.edu/gutenberg/3/3/3/3333/3333-8.txt. Origin http://mywebsitenamehere.com is not allowed by Access-Control-Allow-Origin.
this javascript _would_ work if it was being served from snowy, because then the javascript would be requesting a resource from the domain from which it came, which is always allowed. but if we serve it from another domain, the policy against cors (cross-domain origin resource sharing) disallows the request. however, you can have snowy _allow_ such cors requests. it has something to do with the headers that you send out. if you authorize these cors requests, then javascript will be able to get content from snowy, in the same way python can, from _any_ domain from which it might be served. for myself, i've worked around this problem. (i simply have javascript instruct my domain to have python go get the file, which it can do, and then i have python store it on my domain, and then -- since it's now on my domain -- javascript can get it.) but javascript coders shouldn't have to do this two-step shuffle. and they won't, if you have snowy authorize cors requests... -bowerbird
participants (1)
-
bowerbird