4thefile_api
Differences
This shows you the differences between two versions of the page.
|
4thefile_api [2010/11/05 18:48] jay |
4thefile_api [2010/11/08 21:53] (current) jay |
||
|---|---|---|---|
| Line 2: | Line 2: | ||
| The 4theFile API provides RESTful web services for use in integrating 4theFile with other web-based applications. The API has the following features: | The 4theFile API provides RESTful web services for use in integrating 4theFile with other web-based applications. The API has the following features: | ||
| + | |||
| * all communication via HTTP or HTTPS | * all communication via HTTP or HTTPS | ||
| * authentication via HTTP Basic auth | * authentication via HTTP Basic auth | ||
| Line 62: | Line 63: | ||
| If your web application's interface uses AJAX, you might be thinking that you can call the 4theFile API to get a 4theFile resource list in json format directly from inside the browser via XMLHttpRequest. There are 2 reasons why this isn't a good idea: | If your web application's interface uses AJAX, you might be thinking that you can call the 4theFile API to get a 4theFile resource list in json format directly from inside the browser via XMLHttpRequest. There are 2 reasons why this isn't a good idea: | ||
| - | # your browser won't like it, because you're violating the "same origin" policy that helps prevent malicious cross-site scripting (XSS) attacks | + | - your browser probably won't allow it, because you're violating the "same origin" policy that helps prevent malicious cross-site scripting (XSS) attacks |
| - | # you would need to provide access to your API credentials in the client-side javascript, thereby exposing them in the client-side source code | + | - you would need to provide access to your API credentials in the client-side javascript, thereby exposing them in the client-side source code |
| - | So you'll need to provide your own ajax callback that in turn calls the 4theFile API (or provide a web proxy in the same origin as your server as described here http://developer.yahoo.com/javascript/howto-proxy.html) | + | So, you'll need to provide your own ajax callback that in turn calls the 4theFile API from the server, or else provide a web proxy in the same origin as your server as described here http://developer.yahoo.com/javascript/howto-proxy.html |
| Note: If you've read this far, you may be familiar with JSONP (an alternate solution to cross-domain ajax problems). We'd probably be willing to support JSONP as an alternative response format in the future if there's any demand for it. So if you'd like JSONP, [[tech_support_contacts | let us know]]. | Note: If you've read this far, you may be familiar with JSONP (an alternate solution to cross-domain ajax problems). We'd probably be willing to support JSONP as an alternative response format in the future if there's any demand for it. So if you'd like JSONP, [[tech_support_contacts | let us know]]. | ||
4thefile_api.1288982920.txt.gz · Last modified: 2010/11/05 18:48 by jay