From 13302bef1c1ae719a03d698f75e86cdab234a402 Mon Sep 17 00:00:00 2001 From: Leif Johansson Date: Mon, 13 Jun 2011 11:17:27 +0200 Subject: xdomain magic? --- .../django-crossdomainxhr-middleware.py | 44 ++++++++++++++++++++++ src/meetingtools/settings.py | 1 + src/site-media/js/jquery.meetingtools.js | 2 +- 3 files changed, 46 insertions(+), 1 deletion(-) create mode 100644 src/meetingtools/django-crossdomainxhr-middleware.py (limited to 'src') diff --git a/src/meetingtools/django-crossdomainxhr-middleware.py b/src/meetingtools/django-crossdomainxhr-middleware.py new file mode 100644 index 0000000..f525b9a --- /dev/null +++ b/src/meetingtools/django-crossdomainxhr-middleware.py @@ -0,0 +1,44 @@ +import re + +from django.utils.text import compress_string +from django.utils.cache import patch_vary_headers + +from django import http + +try: + import settings + XS_SHARING_ALLOWED_ORIGINS = settings.XS_SHARING_ALLOWED_ORIGINS + XS_SHARING_ALLOWED_METHODS = settings.XS_SHARING_ALLOWED_METHODS +except: + XS_SHARING_ALLOWED_ORIGINS = '*' + XS_SHARING_ALLOWED_METHODS = ['POST','GET','OPTIONS', 'PUT', 'DELETE'] + + +class XsSharing(object): + """ + This middleware allows cross-domain XHR using the html5 postMessage API. + + + Access-Control-Allow-Origin: http://foo.example + Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE + """ + def process_request(self, request): + + if 'HTTP_ACCESS_CONTROL_REQUEST_METHOD' in request.META: + response = http.HttpResponse() + response['Access-Control-Allow-Origin'] = XS_SHARING_ALLOWED_ORIGINS + response['Access-Control-Allow-Methods'] = ",".join( XS_SHARING_ALLOWED_METHODS ) + + return response + + return None + + def process_response(self, request, response): + # Avoid unnecessary work + if response.has_header('Access-Control-Allow-Origin'): + return response + + response['Access-Control-Allow-Origin'] = XS_SHARING_ALLOWED_ORIGINS + response['Access-Control-Allow-Methods'] = ",".join( XS_SHARING_ALLOWED_METHODS ) + + return response \ No newline at end of file diff --git a/src/meetingtools/settings.py b/src/meetingtools/settings.py index 8835de9..7c7cc41 100644 --- a/src/meetingtools/settings.py +++ b/src/meetingtools/settings.py @@ -80,6 +80,7 @@ TEMPLATE_LOADERS = ( MIDDLEWARE_CLASSES = ( 'django.middleware.common.CommonMiddleware', 'meetingtools.urlmiddleware.UrlMiddleware', + 'meetingtools.django-crossdomainxhr-middleware.XsSharing', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.auth.middleware.RemoteUserMiddleware' diff --git a/src/site-media/js/jquery.meetingtools.js b/src/site-media/js/jquery.meetingtools.js index 1453226..0293548 100644 --- a/src/site-media/js/jquery.meetingtools.js +++ b/src/site-media/js/jquery.meetingtools.js @@ -13,7 +13,7 @@ jQuery.fn.meetingtools = function(options) { } var url = url+'/room/+'+tags+'.json'; var div = $(this); - $.getJSON(url,function(data) { + $.getJSON(url+"?jsoncallback=?",function(data) { html = "