diff options
author | Leif Johansson <leifj@sunet.se> | 2011-06-13 11:17:27 +0200 |
---|---|---|
committer | Leif Johansson <leifj@sunet.se> | 2011-06-13 11:17:27 +0200 |
commit | 13302bef1c1ae719a03d698f75e86cdab234a402 (patch) | |
tree | 6c6f06d581244a7a1f1526e4e7ea27b1f3f317af /src | |
parent | 69d15e96926819f2136d626041d850f36df67a88 (diff) |
xdomain magic?
Diffstat (limited to 'src')
-rw-r--r-- | src/meetingtools/django-crossdomainxhr-middleware.py | 44 | ||||
-rw-r--r-- | src/meetingtools/settings.py | 1 | ||||
-rw-r--r-- | src/site-media/js/jquery.meetingtools.js | 2 |
3 files changed, 46 insertions, 1 deletions
diff --git a/src/meetingtools/django-crossdomainxhr-middleware.py b/src/meetingtools/django-crossdomainxhr-middleware.py new file mode 100644 index 0000000..f525b9a --- /dev/null +++ b/src/meetingtools/django-crossdomainxhr-middleware.py @@ -0,0 +1,44 @@ +import re + +from django.utils.text import compress_string +from django.utils.cache import patch_vary_headers + +from django import http + +try: + import settings + XS_SHARING_ALLOWED_ORIGINS = settings.XS_SHARING_ALLOWED_ORIGINS + XS_SHARING_ALLOWED_METHODS = settings.XS_SHARING_ALLOWED_METHODS +except: + XS_SHARING_ALLOWED_ORIGINS = '*' + XS_SHARING_ALLOWED_METHODS = ['POST','GET','OPTIONS', 'PUT', 'DELETE'] + + +class XsSharing(object): + """ + This middleware allows cross-domain XHR using the html5 postMessage API. + + + Access-Control-Allow-Origin: http://foo.example + Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE + """ + def process_request(self, request): + + if 'HTTP_ACCESS_CONTROL_REQUEST_METHOD' in request.META: + response = http.HttpResponse() + response['Access-Control-Allow-Origin'] = XS_SHARING_ALLOWED_ORIGINS + response['Access-Control-Allow-Methods'] = ",".join( XS_SHARING_ALLOWED_METHODS ) + + return response + + return None + + def process_response(self, request, response): + # Avoid unnecessary work + if response.has_header('Access-Control-Allow-Origin'): + return response + + response['Access-Control-Allow-Origin'] = XS_SHARING_ALLOWED_ORIGINS + response['Access-Control-Allow-Methods'] = ",".join( XS_SHARING_ALLOWED_METHODS ) + + return response
\ No newline at end of file diff --git a/src/meetingtools/settings.py b/src/meetingtools/settings.py index 8835de9..7c7cc41 100644 --- a/src/meetingtools/settings.py +++ b/src/meetingtools/settings.py @@ -80,6 +80,7 @@ TEMPLATE_LOADERS = ( MIDDLEWARE_CLASSES = ( 'django.middleware.common.CommonMiddleware', 'meetingtools.urlmiddleware.UrlMiddleware', + 'meetingtools.django-crossdomainxhr-middleware.XsSharing', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.auth.middleware.RemoteUserMiddleware' diff --git a/src/site-media/js/jquery.meetingtools.js b/src/site-media/js/jquery.meetingtools.js index 1453226..0293548 100644 --- a/src/site-media/js/jquery.meetingtools.js +++ b/src/site-media/js/jquery.meetingtools.js @@ -13,7 +13,7 @@ jQuery.fn.meetingtools = function(options) { } var url = url+'/room/+'+tags+'.json'; var div = $(this); - $.getJSON(url,function(data) { + $.getJSON(url+"?jsoncallback=?",function(data) { html = "<ul class=\"meeting-list\">"; $.each(data,function(i,room) { html += "<li class=\"meeting\"><h4>"+room['name']+"</h4><div class=\"meeting-info\">"; |