i need to do ajax cross site scripting
there are several technics, all with its limitations
* flash: needs security policy file in the target server
* javascript : needs security policy file in the target server
* cssHttpRequest (http://nb.io/hacks/csshttprequest). works fine but it is considered a bug and it is fixed in new versions of some browsers like FF or webkit, so IMHO it is not recommended to use this in your products.
* using an iframe: it is tricky and didn't worked for me
* an approach like www.ajax-cross-domain.com wirks very good, but the service offered by www.ajax-cross-domain.com it's only for demo porpuses and very limited.
In this article I will examplain how to make your own www.ajax-cross-domain.com service like for free:
000webhost
file curl.php
$curl_url = $_GET["url"];
/*echo "url = " . $curl_url;*/
$curl_limit_size = 20000; /* ~20kb */
$curl_handle = curl_init($curl_url);
$data_string = "";
function write_function($handle, $data) {
global $data_string;
global $curl_limit_size;
$data_string .= $data;
if (strlen($data_string) > $curl_limit_size) {
return 0;
}
else
return strlen($data);
}
function escapeJavaScriptText($string) {
return str_replace("\n", '\n', str_replace('"', '\"', addcslashes(str_replace("\r", '', (string)$string), "\0..\37'\\")));
}
http://cancerbero.vacau.com/curl.php?url=http://www.google.com
you can disable the code here -> http://members.000webhost.com/analytics.php
No hay comentarios:
Publicar un comentario