Ad:

PHP Code Snippet
Views: 79281

PHP Proxy Solution for cross-domain AJAX scripting

by Troy on May 23rd, 2006

This is a PHP script that allows javascript clients to request content they otherwise would not be able to. With the popularity of AJAX (using the XmlHttpRequest object in the browser), many developers are becoming aware of the cross-domain scripting limitation. This is a security feature that prevents client-side scripts from accessing content on domains other than the current website domain.

My PHP Proxy is the solution. Simply place this PHP script on your PHP-enabled webserver. Then have your javascript make cross-domain requests through the proxy. Simple, fast, elegant--a perfect solution.

PHP Proxy makes use of my class_http object. Details and code available at http://www.troywolf.com/articles. Full source for PHP Proxy is below.

PHP Code Snippet (Toggle Plain Text)

<?php
//          FILE: proxy.php
//
// LAST MODIFIED: 2006-03-23
//
//        AUTHOR: Troy Wolf <troy@troywolf.com>
//
//   DESCRIPTION: Allow scripts to request content they otherwise may not be
//                able to. For example, AJAX (XmlHttpRequest) requests from a
//                client script are only allowed to make requests to the same
//                host that the script is served from. This is to prevent
//                "cross-domain" scripting. With proxy.php, the javascript
//                client can pass the requested URL in and get back the
//                response from the external server.
//
//         USAGE: "proxy_url" required parameter. For example:
//                http://www.mydomain.com/proxy.php?proxy_url=http://www.yahoo.com
//
 
// proxy.php requires Troy's class_http. http://www.troywolf.com/articles
// Alter the path according to your environment.
require_once("class_http.php");
 
$proxy_url = isset($_GET['proxy_url'])?$_GET['proxy_url']:false;
if (!$proxy_url) {
    header("HTTP/1.0 400 Bad Request");
    echo "proxy.php failed because proxy_url parameter is missing";
    exit();
}
 
// Instantiate the http object used to make the web requests.
// More info about this object at www.troywolf.com/articles
if (!$h = new http()) {
    header("HTTP/1.0 501 Script Error");
    echo "proxy.php failed trying to initialize the http object";
    exit();
}
 
$h->url = $proxy_url;
$h->postvars = $_POST;
if (!$h->fetch($h->url)) {
    header("HTTP/1.0 501 Script Error");
    echo "proxy.php had an error attempting to query the url";
    exit();
}
 
// Forward the headers to the client.
$ary_headers = split("\n", $h->header);
foreach($ary_headers as $hdr) { header($hdr); }
 
// Send the response body to the client.
echo $h->body;
?>

Comments on this Code Snippet

Permalink

Feb 16th, 2007

Re: PHP Proxy Solution for cross-domain AJAX scripting

Thanks for this code. i keep getting this error :

Cannot modify header information - headers already sent by

Warning: Cannot modify header information - headers already sent by (output started at /proxy/class_http.php:409) in /proxy/proxy.php on line 49

could u help me fix it.Thanks

method007

Newbie Poster

Offline

2 posts
since Jul 2005

Permalink

Sep 19th, 2007

Re: PHP Proxy Solution for cross-domain AJAX scripting

The instruction wasn't clear but I was able to figure it out. Make sure there're no extra lines below the end line.
?>

What you should do is:
1) create a file called proxy.php. Copy the code content above into that page.
2) create a file called class_http.php. Copy the code content for that file in this page.

modify the client side xmlhttp code, replace the direct url such as

xmlhttp.open("GET", "http://www.xyz.com/somexml.xml", true);

to

xmlhttp.open("GET", "http://www.yourdomain.com/proxy.php?proxy_url=www.xyz.com/somexml.xml", true);

tedqn

Newbie Poster

Offline

1 posts
since Sep 2007

Permalink

May 3rd, 2008

Re: PHP Proxy Solution for cross-domain AJAX scripting

As a rule of thumb you cannot directly access the javascript from one domain to the other. However you can pass messages and data across which can then accordingly trigger events in the javascript.

One way is to the use a proxy in between the two domains and relay an AJAX request to the other domain through the proxy. A detailed article on it is on http://www.mabaloo.com/Web-Developme...-tutorial.html

Another way which does not involve a proxy but uses Iframes is by using the URL hash.
http://www.mabaloo.com/Web-Developme...ng-Iframe.html

girish13

Newbie Poster

Offline

1 posts
since May 2008

Permalink

Jul 23rd, 2008

Re: PHP Proxy Solution for cross-domain AJAX scripting

Thanks, helped me... is there any easy solution to restrict this proxy for some urls only?

falstaff

Newbie Poster

Offline

1 posts
since Jul 2008

Permalink

Jan 29th, 2009

Re: PHP Proxy Solution for cross-domain AJAX scripting

IDEAS?

I use this proxy for SOAP calls from a javascript page, but my response should be XML and I get the HTML descriptor instead.

going through or using the proxy changes the response from the remote service. I sense that the proxy can't handle the XML response.

so using proxy response is HTML descriptor http://www.webservicex.net/stockquote.asmx

without proxy I get the desired XML
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<GetQuoteResponse xmlns="http://www.webserviceX.NET/">
<GetQuoteResult><![CDATA[<StockQuotes><Stock><Symbol>IBM</Symbol><Last>92.51</Last><Date>1/29/2009</Date><Time>4:01pm</Time><Change>-2.31</Change><Open>93.58</Open><High>94.58</High><Low>92.02</Low><Volume>9234105</Volume><MktCap>124.0B</MktCap><PreviousClose>94.82</PreviousClose><PercentageChange>-2.44%</PercentageChange><AnnRange>69.50 - 130.93</AnnRange><Earns>8.926</Earns><P-E>10.62</P-E><Name>INTL BUSINESS MAC</Name></Stock></StockQuotes>]]></GetQuoteResult>
</GetQuoteResponse>
</soap:Body>
</soap:Envelope>

soapguy

Newbie Poster

Offline

1 posts
since Jan 2009

Permalink

Nov 19th, 2009

Re: PHP Proxy Solution for cross-domain AJAX scripting

For some reason some text from the fields and text from the confirmation coming back from the proxy is being lost. I am struggling trying to make a captcha field send the proper data to the server but it cuts off the information being posted and the captcha doesnt match...can you help me?

udelojf

Newbie Poster

Offline

1 posts
since Nov 2009

Permalink

Nov 20th, 2009

Re: PHP Proxy Solution for cross-domain AJAX scripting

If you're getting the error:

Cannot modify header information - headers already sent by

Add ob_start() to the beginning of the script.

digital-ether

Nearly a Posting Virtuoso

Offline

1,250 posts
since Sep 2005

Permalink

Nov 20th, 2009

Re: PHP Proxy Solution for cross-domain AJAX scripting

proxy.php failed because proxy_url parameter is missing

how do i fix?

Last edited by williamsimpson; Nov 20th, 2009 at 7:12 am.

williamsimpson

Newbie Poster

Offline

1 posts
since Nov 2009

Permalink

Jan 21st, 2010

Re: PHP Proxy Solution for cross-domain AJAX scripting

Hi,

someone recommended to me to just use

<?php
$content= file_get_contents('http://www.domain.com');
echo $content;
?>

in order to get the content of that domain. That's quite a bit simpler than what is suggested here. Is there any problem with this solution??

tompk

Newbie Poster

Offline

1 posts
since Dec 2009

Page 1
2
Next

Previous Thread in PHP Forum Timeline: please HELP me !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Next Thread in PHP Forum Timeline: try to write php array into smarty....?

DaniWeb Message

Cancel Changes

User Name
Password