Fetch Cross-domain Content Using a PHP Proxy
If you've ever tried to fetch a resource outside of your domain via an Ajax call, you probably got this error message:
XMLHttpRequest cannot load http://www.domain.com/path/filename.
Origin null is not allowed by Access-Control-Allow-Origin.
This error was triggered by the Same-origin policy. It permits scripts running on pages originating from the same site to access each other's data with no specific restrictions, but prevents scripts from accessing data that is served from a different domain. Luckily, there are ways round it, including:
- CORS (Cross-Origin Resource Sharing)
- JSONP (JSON Padding)
- The postMessage() method
- Local proxy
This PHP Proxy source code will help you to set up a local proxy, as per item 4 above, to combine document fragments from another domain with your own web content.
You can integrate this PHP Proxy source code into your web application, so you can fetch the contents from 3rd web site and display them on your website.
You can also use this PHP Proxy to solve Mixed Contents
Problem when you call a HTTP iframe from a HTTPS secure web page, this PHP Proxy will help you to solve Mixed
Contents problem for legacy HTTP systems.
- PHP source code, you can deploy it to your server easily.
- Support Base64 encoding, people can hotlink to your proxy.
- Unique to the IP address that generated it. A person that generated that URL, can bookmark it and visit it and any point.
- Unique to that session and IP address, URL no longer valid anywhere when that browser session that generated it ends.
- Support most popular websites.
- Show the web page contents between different web sites, cross domains seamlessly.
- Online Web PHP Proxy can also hide you from the Internet. You don't need to install any plugin or software. You can surf the Internet with anonymity.
After you buy this PHP Proxy source code, you can upload it to your server, you can use it by following way,
[iframe id="MyFrame" style="width:850px; height:470px; overflow:hidden;
margin-top:15px;" frameborder="0" scrolling="no"
You can use an iframe to display the contents which fetched from 3rd website, the contents will be shown to your customers from your web server without Cross Domain and Mixed Contents warnings.
How it Works?
The idea is simple; you make a request to your own script to fetch a resource from another domain, and it returns it to your browser. Hence, the content comes from your own server - no more Access-Control-Allow-Origin error! Here's a diagram to illustrate:
Using a local proxy is best for serving up HTML content from another domain
when your web host supports some sort of server-side scripting. Just be careful
because it also happens to be the riskiest of the cross-domain workarounds due
to its importing of raw HTML - and possibly scripting - from other domains.