AJAX with different origin

Post reply

❤Follow Topic(5)

0 favourites

10 posts

From the Asset Store

Adjusting the game screen for different resolutions

$3 USD

Adjusting the game screen for different resolutions (Letterbox scale)

q3olegka

- thehen
- - Joined 25 Jul, 2012
  - 58 topics • 896 posts
- 1
- 25 Jun, 2013
- Quote
Hi all,

So coming from a web dev background, I'd simply load any external JSON with server side code, as the server would be essential to displaying the content anyway.

With a mobile game though, it seems overkill to have to rely on the game calling both the proxy server and the content provider to retrieve the content. I can't request straight from the content provider because of same-origin policy.

I hear the term JSONP thrown around to bypass this. Would that be a viable solution for a Construct 2 game, or would I just run into more mobile issues?

Thanks!
- Joannesalfa
- - Joined 8 May, 2011
  - 319 topics • 3,129 posts
- 1
- 25 Jun, 2013
- Quote
Haven't you tried to make a PHP page with Cross domain? I got working AJAX requests in mobiles including CocoonJS
- thehen
- - Joined 25 Jul, 2012
  - 58 topics • 896 posts
- 1
- 25 Jun, 2013
- Quote
I have, and that works fine. It just feels like a waste of resources polling a server that requests a third party api. Is there a way to circumvent that?
- Guizmus
- - Joined 26 Mar, 2013
  - 7 topics • 471 posts
- 1
- 25 Jun, 2013
- Quote
I had that problem before with a userscript pulling datas from host I didn't own. I used YQL, an API you can pull data from by sending a GET request in an SQL style, the database being the web. Of course it accepts cross domain. It's a little slow sometimes though, but it gets the job done. A trick can let you query with post data too.
- Ashley Construct Team Founder
- Moderator
- - Joined 21 May, 2007
  - 667 topics • 30,052 posts
- 1
- 26 Jun, 2013
- Quote
You should contact whoever runs the server where you want to directly retrieve data, and ask them to set up CORS (specifically, the Access-Control-Allow-Origin HTTP header). If you can't reach them or they don't want to do that, then a middle server that ignores the security limitation is the only way around it!
- thehen
- - Joined 25 Jul, 2012
  - 58 topics • 896 posts
- 1
- 28 Jun, 2013
- Quote
Thanks Ashley I got it working :)
- thehen
- - Joined 25 Jul, 2012
  - 58 topics • 896 posts
- 1
- 5 Jul, 2013
- Quote
Ashley I revisited this and built a reverse geocoding plugin using the Bing maps API, plus a weather retrieval plugin using the forecast.io API.
In the end I did it with JSONP - it didn't require CORS or a middle server. I can understand the security concerns with JSONP exposing an API key, but as this is designed as a Tizen/FirefoxOS/Blackberry app, are there any implications?

You know a lot more about this so I'm hesitant to just roll with it.

Cheers!
Try Construct 3

Develop games in your browser. Powerful, performant & highly capable.
Try Now Construct 3 users don't see these ads
- Ashley Construct Team Founder
- Moderator
- - Joined 21 May, 2007
  - 667 topics • 30,052 posts
- 1
- 5 Jul, 2013
- Quote
JSONP is probably fine, but it's less secure than CORS. If the server sending the JSONP got hacked or otherwise sent malicious javascript, your page will go right ahead and execute it.
- thehen
- - Joined 25 Jul, 2012
  - 58 topics • 896 posts
- 1
- 5 Jul, 2013
- Quote
Ashley okay thanks, that's good to know!
- fishbottle
- - Joined 13 Aug, 2013
  - 9 topics • 45 posts
- 1
- 18 Sep, 2013
- Quote
I'm very interested in importing weather data into an app but not all that savvy when it comes to using external data in C2. Is there any chance you could share some more about how you did it thehen?

If anyone can point me to any C2 tutorials that delve into that I would greatly appreciate it.