September 6th, 2008

Another problem I ran into in the course of my recent development of a PHP newsletter tool (Gutuma) was the restriction on AJAX requests to the same domain as the host page. I’ve developed some AJAX gadgets which can be placed on a user’s site and will send subscription requests to the newsletter tool… which might be hosted on a different domain.

If you’ve come across an “Access to restricted URI denied” error then you’re probably having the same problem. The solution is to use a proxy on the domain where the AJAX controls are hosted. This proxy receives the HTTP requests from the AJAX controls and can forward them on to the other domain.

For an example of how to do this, you can check out guproxy.php, which is my simple single-file PHP script for forwarding AJAX requests (from the SACK AJAX library) to the AJAX interface of Gutuma. As a security precaution it limits forwarded requests based on the destination URL, and then filters the POST variables to those used by Gutuma. Other solutions I’ve seen don’t do this and thus leave your proxy script open to abuse.
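The two checks described above, as an added PHP example: this is not guproxy.php or Gutuma's code, and the destination URL, the `dest` parameter and the field names are hypothetical placeholders.

```php
<?php
// Added example, not guproxy.php. URL, 'dest' and field names are placeholders.
const ALLOWED_DESTINATIONS = ['https://newsletter.example.org/ajax.php'];
const ALLOWED_FIELDS = ['action', 'address', 'list'];
const MAX_VALUE_LENGTH = 256;

// Destination check: exact, strict match against a fixed list.
// No prefix, substring or hostname-only comparison.
function is_allowed_destination($url): bool
{
    return is_string($url) && in_array($url, ALLOWED_DESTINATIONS, true);
}

// POST filter: keep only known fields that are plain, bounded strings.
// Unknown fields and array-valued fields are dropped.
function filter_post_fields(array $post): array
{
    $clean = [];
    foreach (ALLOWED_FIELDS as $name) {
        $value = $post[$name] ?? null;
        if (is_string($value) && strlen($value) <= MAX_VALUE_LENGTH) {
            $clean[$name] = $value;
        }
    }
    return $clean;
}

// Forward the filtered fields. Redirects are not followed, so the
// allowlisted host cannot bounce the request to another destination.
function forward(string $url, array $fields): array
{
    $ch = curl_init($url);
    curl_setopt_array($ch, [
        CURLOPT_POST => true,
        CURLOPT_POSTFIELDS => http_build_query($fields),
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_FOLLOWLOCATION => false,
        CURLOPT_TIMEOUT => 10,
    ]);
    $body = curl_exec($ch);
    return [curl_getinfo($ch, CURLINFO_HTTP_CODE), $body];
}

if (($_SERVER['REQUEST_METHOD'] ?? '') !== 'POST') { http_response_code(405); exit; }
$dest = $_POST['dest'] ?? null;
if (!is_allowed_destination($dest)) { http_response_code(403); exit('Destination not allowed'); }
[$status, $body] = forward($dest, filter_post_fields($_POST));
http_response_code($body === false ? 502 : $status);
echo $body === false ? '' : $body;
```

A request naming any destination outside the list gets a 403 before any outbound connection is made, and extra POST variables never reach the upstream script.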
