September 8, 2010

Posts Comments

You are here: Home / Languages / Javascript / AJAX

How to do HTTP Basic Auth in Ajax

August 16, 2007 By Bruce Kroeze 13 Comments

You can use HTTP Basic Authentication with Javascript/Ajax in just three steps. I’ll give you them in just a moment.

The Background

This morning, I was experimenting with Adobe AIR, writing a client to tell me whether I have games waiting for me to make a move on Weewar, and I needed to be able to use my username and “token” via Basic Auth to do that.

It was not easy to find how to do it. In fact, I had to connect a few dots to get it to work. Here you go:

Step 1

First, get Base64.js from Webtoolkit, and load it on your page. We need the encode routine from that library.

Step 2

Construct your Authorization header like so:


function make_base_auth(user, password) {
  var tok = user + ':' + pass;
  var hash = Base64.encode(tok);
  return "Basic " + hash;
}

Step 3

Use it in your Ajax call.


var auth = make_basic_auth('me','mypassword');
var url = 'http://example.com';

// RAW
xml = new XMLHttpRequest();
xml.setRequestHeader('Authorization', auth);
xml.open('GET',url)

// ExtJS
Ext.Ajax.request({
    url : url,
    method : 'GET',
    headers : { Authorization : auth }
});

// jQuery
$.ajax({
    url : url,
    method : 'GET',
    beforeSend : function(req) {
        req.setRequestHeader('Authorization', auth);
    }
});

[tags]ajax,javascript,extjs,xmlhttprequest,jquery[/tags]

Filed Under: AJAX, Javascript

Ajax remoting for Invisible Castle

February 1, 2006 By Bruce Kroeze 2 Comments

Happy computerI offer the code for my Invisible Castle site under a GPL license. However, it is not the easiest code in the world to get running. Plus, it is really overkill for most people. Most people who ask for the code really just want a die-roller with database lookup for their site. They aren’t really prepared to provide a working Python/Cheetah/MySql install. That’s fine, I could help them out and pick up a new skill in one fell swoop.

Ajax to the rescue

I quickly wrote a simple remote interface to the die-roller, and then used the Prototype library to implement an Ajax interface to it. Simple simple simple. It worked beautifully, with one problem, that pesky restriction agains cross-domain XMLHTTPRequests. So, I wrote a simple little PHP proxy page, and it works perfectly!

All together, this was a pretty nice payoff for a couple hours of work, including ramping up from zero about XMLHTTPRequest objects. I already have two remote client sites functioning happily using the script, which has a working demo with install instructions here.
[tags]javascript,Ajax,cross-site scripting,xss,xmlhttprequest,prototype[/tags]

Filed Under: AJAX, Downloads, Javascript, Open Source

AJAX goodness for Invisible Castle

January 2, 2006 By Bruce Kroeze 3 Comments

I just rolled my first real AJAX application out to testing. My Invisible Castle site is a die-roller for online gaming. It lets uses roll dice, and it lets their game masters or fellow players go look them up later. Fairly simple, but it got over 150,000 rolls last year alone.

I like to use the site as a testbed for new technologies that I’m interested in learning or exercising. This has worked out really well for me, leading me to the excellent Cheetah Template page template system for Python. Last fall, I completed a major refactoring of the site, and moved it to Dreamhost. With Cheetah in place, and the code all clean and lovely, I am now finding it very simple to add new features.

AJAX, why?

Despite it being a testbed, I don’t like to add features for the sake of features. That’s just silly. I could “ajax-up” the site, making it prettier I suppose. Maybe I’ll do that as I work on the site, but for my first AJAX app, I wanted something more interesting. So, I decided to open up the site to remote calls.

I want remote gaming sites to be able to embed a tiny amount of well-written Javascript, and end up with the ability to roll “in place” for their users. This morning, with the aid of Prototype and Behaviour libraries, I whipped out a nice remoting system in just a couple hours.

Cross-site

The most annoying part of the whole mini-app was enabling the cross-site AJAX call. I solved it by writing a quick PHP script which simply uses curl in the background to call my site, passing along the parameters. That script gets installed on the site which wants to use my roller, and bang, instant on.

It was fun to write. Take a look at the remote test here and let me know what you think. Notice, not a single line of ugly in-line javascript. Behaviour is a wonderful library!

Filed Under: AJAX, Javascript, Libraries, Open Source