Tuesday, August 22nd, 2006
Prototype Extension: Dynamic Script Pattern Support
Category: Prototype
Cody then extended Prototype to support ScriptSrcTransport similarly to how Dojo does it.
The code below support the Simple, Polling and JSONP and JSON Callbacks described in the Dojo book.
JAVASCRIPT:
-
-
Ajax = Object.extend(Ajax,{
-
getTransport: function(transport)
-
{
-
return Try.these(
-
function() {return new transport();},
-
function() {return new XMLHttpRequest();},
-
function() {return new ActiveXObject('Msxml2.XMLHTTP');},
-
function() {return new ActiveXObject('Microsoft.XMLHTTP');}
-
) || false;
-
},
-
activeRequestCount: 0
-
});
-
-
Ajax.Base.prototype = Object.extend(Ajax.Base.prototype,{
-
setOptions: function(options) {
-
this.options = {
-
method: 'post',
-
asynchronous: true,
-
contentType: 'application/x-www-form-urlencoded',
-
parameters: '',
-
transport: null,
-
checkString: '',
-
timeoutSeconds: 20,
-
jsonParamName: null
-
}
-
Object.extend(this.options, options || {});
-
}
-
});
-
-
Ajax.Request.prototype = Object.extend(Ajax.Request.prototype, {
-
initialize: function(url, options) {
-
this.setOptions(options);
-
this.transport = Ajax.getTransport(this.options.transport);
-
this.request(url);
-
},
-
request: function(url) {
-
var parameters = this.options.parameters || '';
-
if (parameters.length> 0) parameters += '&_=';
-
-
try {
-
this.url = url;
-
if (this.options.method == 'get' && parameters.length> 0)
-
this.url += (this.url.match(/?/) ? '&' : '?') + parameters;
-
-
Ajax.Responders.dispatch('onCreate', this, this.transport);
-
-
this.transport.open(this.options.method, this.url,
-
this.options.asynchronous,this.options.username,this.options.password,this.options);
-
-
if (this.options.asynchronous) {
-
this.transport.onreadystatechange = this.onStateChange.bind(this);
-
setTimeout((function() {this.respondToReadyState(1)}).bind(this), 10);
-
}
-
-
this.setRequestHeaders();
-
-
var body = this.options.postBody ? this.options.postBody : parameters;
-
this.transport.send(this.options.method == 'post' ? body : null);
-
-
} catch (e) {
-
this.dispatchException(e);
-
}
-
},
-
evalJSON: function() {
-
if(this.transport.json){ return this.transport.json; }
-
else
-
{
-
try {
-
return eval('(' + this.header('X-JSON') + ')');
-
} catch (e) {}
-
}
-
}
-
});
-
Nice work Cody!
Related Content:
4.4 rating from 14 votes
Cody Swann… You are a genius!!! Is there nothing you can’t do?!
Line 48 should be
try{ this.transport.open(this.options.method, this.url, this.options.asynchronous,this.options.username,this.options.password,this.options); }
catch(err){ this.transport.open(this.options.method, this.url,this.options.asynchronous); }
IE pukes if you call new Ajax.Request more than once because the XML Req object is not native and cannot take more than the maximum number of arguments.
My fault.
Interesting Finds: August 23, 2006
Very useful! You are my idol.
[...] Ajaxian » Prototype Extension: Dynamic Script Pattern Support [...]
[...] I am not saying cross domain scripting isn’t a problem. But I am saying that it’s only a problem when the other domain is being malicious. From a developers perspective you can be extremely selective as to which domains you allow to script with. Say yes to Yahoo and not to bankone.secure.sadfasdfs.com. So for one developer to say to another that dynamic script pattern (here and here) is dangerous doesn’t make sense. They are overlooking the developers ability to opt out of any potential scripts which could pose a security risk. [...]