Highlighted

How do I reserve JSON data for .getJSON calls?

Engaged ,
Feb 02, 2016

Copy link to clipboard

Copied

I'm able to use cfhttp to query the data. However, I'm not sure how to reserve this data for my jQuery .getJSON() calls. Since I can't do a CORS call with JavaScript, I believed an alternative is to use ColdFusion cfhttp calls. Any suggestion is much appreciated.

Views

480

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

How do I reserve JSON data for .getJSON calls?

Engaged ,
Feb 02, 2016

Copy link to clipboard

Copied

I'm able to use cfhttp to query the data. However, I'm not sure how to reserve this data for my jQuery .getJSON() calls. Since I can't do a CORS call with JavaScript, I believed an alternative is to use ColdFusion cfhttp calls. Any suggestion is much appreciated.

Views

481

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Feb 02, 2016 0
Advocate ,
Feb 02, 2016

Copy link to clipboard

Copied

Not exactly sure what you are asking. I think you are asking how to use CF as a proxy server. This in and of itself is fairly easy but I think I would need to know more specifics as to why as simply proxy services might not be the best solution. Why can't you use CORS? Assuming CORS is really not an option, JSONP would be the next "standard" way to accomplish what I think you are asking. Need more details...

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Feb 02, 2016 0
Engaged ,
Feb 02, 2016

Copy link to clipboard

Copied

Thanks, Steve. I probably don't use the correct terms but yes. I'm exploring other alternatives and I came across a thread in jQuery to suggest using CF as a proxy server. However, I have never done much with ColdFusion. I'm in the process of asking if the API provider have their servers CORS enable. If not, then I may have to resort to CF proxy server if there are no other better alternatives. Will you provide links/information on the JSONP option? I have tried using .getJSON and came across the No 'Access-Control-Allow-Origin' header is present on the requested resource error; thus, I'm in the hunt for a solution.

Thanks again.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Feb 02, 2016 0
Advocate ,
Feb 02, 2016

Copy link to clipboard

Copied

JSONP is a pre-CORS technology. The API provider should have info on this if they support it as it requires special handling on their end. If they don't already support a JSONP API, CORS is MUCH easier to support and in my opinion CORS is a much more secure option than JSONP (only data returned from the host as opposed to javascript wrapped data). Hopefully they support CORS as this would be your easiest and most secure approach.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Feb 02, 2016 0
Engaged ,
Feb 02, 2016

Copy link to clipboard

Copied

Okay, I just found out that JSONP will make the API key public. I don't think this is what I want. Is there a way to hide it? If not, I'm guessing then the CF proxy server may be the solution?

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Feb 02, 2016 0
Advocate ,
Feb 02, 2016

Copy link to clipboard

Copied

I'm guessing that CORS will have the same issue then as there is not any difference between CORS and JSONP at an API credential level. To write a proxy, look up CFHTTP and CFCONTENT. These two tags are probably a majority of what you need. The only other tags/functions would be anything needed (if needed) to translate from the native API provider response and what you need for your AJAX request (may also need to look at serializeJSON function).

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Feb 02, 2016 0
Engaged ,
Feb 03, 2016

Copy link to clipboard

Copied

Thanks for the input. Let me know ask a dumb question. If I already have the data via CFHTTP, what's the advantage of making it available for AJAX to call?

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Feb 03, 2016 0
Advocate ,
Feb 03, 2016

Copy link to clipboard

Copied

I guess I would need to know more of what you are trying to do. Making it available via an AJAX call can let you do client-side "do something" logic but depending on the project, the "do something" may be easier and more straight forward to do server-side. The short answer is: It depends.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Feb 03, 2016 0
Engaged ,
Feb 04, 2016

Copy link to clipboard

Copied

I do not want to reveal the API key to the public and do not want the page to refresh/reload every time there is a change in the page.  Are there any samples of CF proxy server that  I can take a look?

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Feb 04, 2016 0
Most Valuable Participant ,
Feb 04, 2016

Copy link to clipboard

Copied

To hide the API key, you will need to use CF to act as a proxy.

If you want your application to behave like a Single Page Application (SPA) (e.g. content is updated or changed on the page without a full page refresh), then you'll need to use AJAX to make that happen.  If you don't mind the page refresh, then all the work can be done server-side.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Feb 04, 2016 1
Engaged ,
Feb 05, 2016

Copy link to clipboard

Copied

Can I use something like CFAjaxproxy for this? If so, will it hide my API key?

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Feb 05, 2016 0
Most Valuable Participant ,
Feb 05, 2016

Copy link to clipboard

Copied

Not if you don't want to. I've never used CFAjaxproxy and I have plenty of AJAX stuff in my apps. Any .CFM file, or a .CFC with remote methods can be used to provide AJAX responses to JavaScript requests.  And as long as all of your API interactions are done server-side from those .CFM or .CFC files, nothing is revealed to JavaScript and your web-accessible pages.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Feb 05, 2016 0
Engaged ,
Feb 05, 2016

Copy link to clipboard

Copied

Okay, so basically in my .cfc file, I do a remote method to query my JSON data and then on my .cfm file I will be able to do $.getJSON to this .cfc file to grab all the data, correct?

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Feb 05, 2016 0
Most Valuable Participant ,
Feb 05, 2016

Copy link to clipboard

Copied

I should elaborate on this.  Basically, you need a four-step process:

AJAX_API_Sketch.png

  1. Using JavaScript, make an AJAX request to a ColdFusion CFM page/remote CFC method.
  2. That ColdFusion CFM/CFC makes an API request (likely via CFHTTP). There may be multiple parts to this to authenticate to the API and get a token/key, then use that key to make the actual API request.
  3. API server returns a response with the requested data.
  4. The ColdFusion CFM/CFC passes that response back to the browser.

Since the API key only comes into play in step 2 and is solely between the ColdFusion server and the API server, that key is never shared with the browser

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Feb 05, 2016 1
2Charlie LATEST
Engaged ,
Feb 05, 2016

Copy link to clipboard

Copied

Right now, I am already have step 2 and 3 done. I just need clarification on how to do 1 and 4. This is my current code to display the data from the chttp api call.

<cfif !IsJSON(articleData)>

  <h3>The URL you requested does not provide valid JSON</h3>

  <!--- If the data is in JSON format, deserialize it. --->

<cfelse>  

  <cfset cfData=DeserializeJSON(articleData)>

  <!---<cfdump var=#cfData# >--->

  <cfif structKeyExists(cfData, 'data')>

        <cfoutput>

        <h1>#cfData.data.searchTitle.en#</h1>

            <p>#cfData.data.current_version.en.text#</p>

        </cfoutput>

    </cfif>   

</cfif>

How do I modify this code to pass this information to the client's browser?

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
Feb 05, 2016 0