Write a JSP proxy which acts as a bridge between the Flex and AIR applications and the remote data
Sometimes you won’t be able to put a cross-domain file on the destination server. To solve
this problem you can use a server-side proxy file that consists of a script published on the
server which acts as a bridge between the Flex application and the
remote data to load. Instead of directly accessing external resources
on different domains, Flex will access this proxy service, which looks
after accessing the resources on the specified domains.
The same proxy method can also be created by using JSP as server-side language. Create a
new file and save it with the name getrssurl.jsp. The script is the following:
<%@ page language="java" contentType="text/html; charset=utf-8"
pageEncoding="utf-8"
import="java.io.BufferedReader,
java.io.InputStreamReader,
java.io.IOException,
java.io.InputStream,
java.net.MalformedURLException,
java.net.URL,
java.net.URLConnection"
%>
<%!
private String contentURL;
public static final String CONTENT_URL_NAME = "contentURL";
%>
<%
// get the url through the request:
If (contentURL == null) {
contentURL = (String)request.getAttribute(CONTENT_URL_NAME);
if (contentURL == null)
contentURL = (String)request.getParameter(CONTENT_URL_NAME);
}
if (contentURL == null)
throw new ServletException("A content URL must be provided, as a
"'" + CONTENT_URL_NAME +
"'" request attribute or request parameter.");
URL url = null;
try {
// get a connection to the content:
url = new URL(contentURL);
URLConnection urlConn = url.openConnection();
// show the client the content type:
String contentType = urlConn.getContentType();
response.setContentType(contentType);
// get the input stream
InputStream in = urlConn.getInputStream();
BufferedReader br = new BufferedReader(new InputStreamReader(in));
char[] buffer = new char[1024];
String contentString = "";
String tmp = br.readLine();
do
{
contentString += tmp + "\n";
tmp = br.readLine();
}
while (tmp != null);
out.flush();
out.close();
}
catch (MalformedURLException me) {
// on new URL:
throw new ServletException(å
"URL: '" + contentURL + "' is malformed.");
}
catch (IOException ioe) {
// on opne connection:
throw new ServletException("Exception while opening '" +å
contentURL + "': " + ioe.getMessage());
}
catch (Exception e) {
// on reading input:
throw new ServletException("Exception during proxy request: " å
+ e.getMessage());
}
%>
Save this file as getrssurl.jsp and transfer it onto the web server.
On the Flex side the only thing you have to change is the address defined within the url
property of the HTTPService tag. The url has to point to the JSP file:
<mx:Application xmlns:mx="http://www.adobe.com/2006/mxml"
layout="vertical" creationComplete="myHS.send()">
<mx:HTTPService id="myHS"
url="http://88.149.156.198/develop/xmloutput/getrssurl.jsp"
method="GET"å
result="myAS = myHS.lastResult.rss.channel.item as ArrayCollection">
<mx:request xmlns="">
<url>{myURL}</url>
</mx:request>
</mx:HTTPService>
<mx:DataGrid id="myDG" dataProvider="{myAS}">
<mx:columns>
<mx:DataGridColumn dataField="category" headerText="Category" />
<mx:DataGridColumn dataField="title" headerText="Description" />
<mx:DataGridColumn dataField="pubDate" headerText="Date" />
</mx:columns>
</mx:DataGrid>
</mx:Application>
Save the file, run the application, and then copy the SWF file with the HTML Wrapper and
the JSP file onto a web server. Load the application to see the RSS feed displayed in the
Flex application.
I end up using proxies like this way more than I'd like to, but alas, it's what we have to do.
one trick i like to use is to put the proxying into an error handler, so that if the site ever adds a crossdomain file, i can take advantage of direct access without having to change the code. It does add an extra request but can be handy.
myurlloader.addEventListener(SecurityErrorEvent.SECURITY_ERROR,tryProxy);
Posted by: Daryn | February 20, 2008 at 02:05 AM
Great-- let's just throw anonymous and open proxies all over the place without even posting a caveat about the security implications of this. I'm sure the rogue individuals out there will have a blast downloading porn and copyrighted content from your open proxy in production. Maybe after a while you'll even start scratching your head as to why your bandwidth is nearly non-existent.
If you're going to post a tip like this, at least show some responsibility and encourage people to require authentication and/or explicitly limit what URL(s) the proxy can get to!
Beadle
Posted by: Beadle Fox | February 22, 2008 at 05:18 PM