Code Example: Perl Proxy for Javascript-based Apps
Date Posted: 1/16/2008 3:34:33 PM
Example Type: JavaScript

Introduction
Javascript-based apps that make requests from remote servers get blocked by Web browsers.  If your Web environment can run Perl, this script will let you get around this restriction in a simple fashion.

Documentaion:

Javascript prevents access to URLs located at domains other than that of the page on which the Javascript resides.  This is a security "feature" that can cause real problems for developers who want to update the contents of a page based on Javascript within that page that's accessing some remote API, like the MyVox API.  If you'd like to learn more about the issue, and various ways around it, just do a search on "cross-browser javascript", and see what you get.

One solution - and one we've used on many examples on this site - is to hand off requests to myVox to a Perl script.  That Perl is not subject to the same security restrictions, and so it can act as a proxy between the Javascript and myVox.

To use the code, you'll need to have a Web server that can host Perl-based CGIs.  Put the code in your cgi-bin, then open it up in a text editor and read the top of the file.  There's a little configuration you will need to do by editing the file.  Note that this same code will also let you hide any passwording you put on your MyVox commands - something that Javascript puts in plain view otherwise.

To see how your Javascript "talks" to the Perl code, take a look at our Javascript-based iPhone Voice Memo example.  The first page (init_recorder.html) uses the Perl proxy trick to avoid the cross-domain issue.

A download of the code can also be found in our Reference Library.

Example Code:
#!/usr/bin/perl ############################################################################ # Proxy script for accessing the myVox API. Used to get around Javascript # security limitations on accessing remote domains. Also allows you to hide # any passwords you've set, by substituting out a fake password (in your # Javascript) for the real thing (here in the Perl). # # To use: # # a) Put this in your cgi-bin or equivalent, and point your Javascript to it # b) If you want to use password hiding, put the real password in this script # as the $VM_PASSWORD value, then use the value that's in # $PASSWORD_KEYWORD as the "password" in your Javascript # # Written by myVox. Free to use and modify at your own risk. 01/16/08 ############################################################################ require LWP::UserAgent; require HTTP::Request; require CGI; my $apiUrl = "http://api.myvox.com/vr"; my $VM_PASSWORD = ''; # specify your own password my $PASSWORD_KEYWORD = 'PASS'; # you can change this to a different value # if you want us to look for something # different my $cgi = new CGI(); my @params = $cgi->param; my $param; my $query; my $value; # Take the parameters that were passed in and turn them into a request to the # myVox server. If a password was provided and it matches the keyword, # replace it with the real thing. foreach $param ( @params ) { $value = $cgi->param( $param ); if ( $param eq 'password' && $value eq $PASSWORD_KEYWORD ) { $value = $VM_PASSWORD; } $query .= "$param=$value&"; } $query .= "nocache=" . localtime(); # Send the request to myVox. my $ua = LWP::UserAgent->new; $ua->timeout(10); $ua->env_proxy; $ua->agent('myvox proxy script' ); my $request = HTTP::Request->new( POST => $apiUrl ); $request->content_type( 'application/x-www-form-urlencoded' ); $request->content( $query ); # Get the response from myVox. my $response = $ua->request( $request ); # If the content was successfully retrieved, pass it back to the browser; # otherwise, pass back a simple error message. if ( $response->is_success ) { print "Content-Type: text/plain\n\n"; print $response->content; } else { print "Content-Type: text/plain\n\n"; print "{ myvoxapi: { status: 'failure' } }"; } exit ;