And now a technical post…Domino, RSS, AJAX and cross-domain scripting

We’ve been working on a project recently where a Notes document would be displayed on the web. If you think in terms of a Web Content Management page where there’s a lot of surrounding headers and menus and then a content block, you’ve got the picture. Within this content, a user has specified that an RSS feed should be shown. For this particular implementation, we want to render the page and then use AJAX to grab the RSS feed specified, transform it, and display it at this specified point in the page. This is relatively straightforward AJAX stuff, and would work fine if the feed is from the same host/domain. However, it’s not from the same domain, of course it’s not, it’s never that easy is it?

Let’s say the feed is for Ed Brill’s blog…no, let’s not, I hammer his blog enough as it is already with my tests (sorry Ed). Let’s pick on Bill Buchan instead. There’s a security block out there that says xmlhttprequest objects can’t go to a url outside of the current host/domain, which would constitute cross domain scripting. Now, this problem has been addressed before outside the Domino space, as well as in the Domino space, see this entry on CodeStore. But did I mention that this client’s environment runs Domino on Linux servers. Ha, that knocks out Dwight Wilbanks and his dominion of folks that say, “Easy, use CreateObject(“Msxml2.ServerXMLHTTP”) in Lotusscript”.

So, we’ve built a solution that makes use of the AJAX pattern of Cross-Domain Proxy with a Java agent (or servlet) as the intermediary and are testing it out. I’m curious if anyone sees serious problems with it. More…

One thought on “And now a technical post…Domino, RSS, AJAX and cross-domain scripting

Comments are closed.