Jquery 如何使用Google Calendar API和OAuth绕过AJAX跨域限制
于2011年12月10日东部时间17:00编辑,以更正calendar_functions.js的XML代码中的两个打字错误 我正在本地的笔记本电脑上,在一个动态IP的后面,开发一个通过AJAX与Google日历API交互的网站应用程序。我不知道如何绕过AJAX的跨域限制,因为谷歌的文档并没有真正提到这一点。也许问题在于对谷歌的请求来自Jquery 如何使用Google Calendar API和OAuth绕过AJAX跨域限制,jquery,oauth,google-calendar-api,Jquery,Oauth,Google Calendar Api,于2011年12月10日东部时间17:00编辑,以更正calendar_functions.js的XML代码中的两个打字错误 我正在本地的笔记本电脑上,在一个动态IP的后面,开发一个通过AJAX与Google日历API交互的网站应用程序。我不知道如何绕过AJAX的跨域限制,因为谷歌的文档并没有真正提到这一点。也许问题在于对谷歌的请求来自http://domain而不是像http://domain.net Google提供了注册您的web应用程序的功能(http://code.google.com
http://domain
而不是像http://domain.net
Google提供了注册您的web应用程序的功能(http://code.google.com/apis/accounts/docs/RegistrationForWebAppsAuto.html
),这将为我提供唯一的消费者密钥/消费者密钥对,但注册表不接受http://domain
作为域。没有注册,这对是匿名的
Stackoverflow帖子解释说,Google通过动态地将脚本标记注入文档的头部来解决这个问题。我尝试了该线程中描述的三种方法,但在Chrome的控制台中仍然有相同的消息:“Originhttp://domain
是访问控制允许原点不允许的。“
谷歌关于签署OAuth请求的文档位于http://code.google.com/apis/accounts/docs/OAuth_ref.html#SigningOAuth
下面是我正在测试的表单,它将向日历中添加一个单一事件:
<?php // calendar.php
session_start();
require_once 'header.php';
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Site's Title</title>
<link rel="stylesheet" href="/styles.css">
<script type="text/javascript" src="/js/jquery.js"></script>
<script type="text/javascript" src="/js/UMDNJ.js"></script>
<script type="text/javascript" src="/js/oauth_lib/sha1.js"></script>
<script type="text/javascript" src="/js/oauth_lib/oauth.js"></script>
<script type="text/javascript">
$(document).ready( function() {
$.getScript('/includes/calendar_functions.js', function() {
alert("calendar_functions.js has been added");
});
});
</script>
</head>
<body>
<h3>Add Calendar Event</h3>
<div id="addEvent">
<form action="calendar.php" id="addEventForm" method="POST">
<label>Event title: </label><input type="text" name="eventTitle" id="eventTitle" size="20" /><br />
<label>Event content: </label><textarea name="eventContent" id="eventContent" cols="20" rows="5"></textarea><br />
<label>Location: </label><input type="text" name="eventLoc" id="eventLoc" size="20" /><br />
<label>Start time: </label><input type="text" name="startTime" id="startTime" size="20" /><br />
<label>End time: </label><input type="text" name="endTime" id="endTime" size="20" /><br />
<input type="submit" name="eventSubmit" value="Submit" />
</form>
</div> <!-- /#addEvent -->
</body>
</html>
网站名称
$(文档).ready(函数(){
$.getScript('/includes/calendar_functions.js',function(){
警报(“已添加calendar_functions.js”);
});
});
添加日历事件
活动名称:
活动内容:
地点:
开始时间:
结束时间:
下面是处理表单提交事件的jQuery,代码借用自:
//calendar\u functions.js
dateObj=新日期();
函数nonce(长度){
var chars=“0123456789abcdefghijklmnopqrstuvwxtzabcdfghiklmnopqrstuvwxyz”;
var结果=”;
对于(变量i=0;i ')之前;
setRequestHeader('Authorization','OAuth'+connectD);
},
成功:函数(数据、文本状态、jqXHR){
$(“#addEvent”)。之前('Success!
数据:'+Data+'
文本状态:'+textStatus');
console.log(数据、文本状态);
},
错误:函数(jqXHR、textStatus、errorshown){
$(“#addEvent”)。之前(“”+textStatus+”
“+errorshown+”);
var res=jqXHR.getAllResponseHeaders();
console.info(jqXHR、textStatus、errorboorn);
},
});
返回false;
});
我感谢任何人的建议
// calendar_functions.js
dateObj = new Date();
function nonce( length ) {
var chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz";
var result = "";
for (var i = 0; i < length; ++i) {
var rnum = Math.floor(Math.random() * chars.length);
result += chars.substring(rnum, rnum+1);
}
return result;
}
$("#addEventForm").submit(function() {
// Make the XML for creating a new calendar event
var eventTitle = $("#eventTitle").val();
var eventContent = $("#eventContent").val();
var startTime = $("#startTime").val();
var endTime = $("#endTime").val();
var eventLoc = $("#eventLoc").val();
var eventXML = "<entry xmlns='http://www.w3.org/2005/Atom' xmlns:gd='http://schemas.google.com/g/2005'>";
eventXML += "<category scheme='http://schemas.google.com/g/2005#kind' term='http://schemas.google.com/g/2005#event'></category>";
eventXML += "<title type='text'>"+eventTitle+"</title>";
eventXML += "<content type='text'>"+eventContent+"</content>";
eventXML += "<gd:transparency value='http://schemas.google.com/g/2005#event.opaque'></gd:transparency>";
eventXML += "<gd:eventStatus value='http://schemas.google.com/g/2005#event.confirmed'></gd:eventStatus>";
eventXML += "<gd:where valueString='"+eventLoc+"'></gd:where>";
eventXML += "<gd:when startTime='"+startTime+"' endTime='"+endTime+"'></gd:when>";
eventXML += "</entry>";
// Set connection details
var Connection = {
method: "POST",
url: "https://www.google.com/calendar/feeds/default/private/full",
params: {
oauth_version: "1.0",
oauth_nonce: nonce(30),
oauth_timestamp: dateObj.getTime(),
oauth_consumer_key: "anonymous",
oauth_token: "--hidden for stackoverflow post for security reasons--",
oauth_signature_method: "HMAC-SHA1",
}
};
var oauth_consumer_secret = "anonymous";
var oauth_token_secret = "--hidden for stackoverflow post for security reasons--";
var oauth_verifier = "--hidden for stackoverflow post for security reasons--";
// Encode connection details
var connectD = OAuth.percentEncode('oauth_version')+'="'+OAuth.percentEncode(Connection.params.oauth_version)+'"';
connectD += ','+OAuth.percentEncode('oauth_nonce')+'="'+OAuth.percentEncode(Connection.params.oauth_nonce)+'"';
connectD += ','+OAuth.percentEncode('oauth_timestamp')+'="'+OAuth.percentEncode(Connection.params.oauth_timestamp)+'"';
connectD += ','+OAuth.percentEncode('oauth_consumer_key')+'="'+OAuth.percentEncode(Connection.params.oauth_consumer_key)+'"';
connectD += ','+OAuth.percentEncode('oauth_token')+'="'+OAuth.percentEncode(Connection.params.oauth_token)+'"';
connectD += ','+OAuth.percentEncode('oauth_signature_method')+'="'+OAuth.percentEncode(Connection.params.oauth_signature_method)+'"';
// Make the base string
var baseString = Connection.method+'&'+Connection.url+'&'+OAuth.SignatureMethod.normalizeParameters(Connection.params);
baseString = OAuth.percentEncode(baseString);
// Make the signature
var theKey = oauth_consumer_secret+'&'+oauth_token_secret;
var b64pad = '=';
var signature = b64_hmac_sha1(theKey, baseString);
// Add signature to encoded base connection details
connectD += ','+OAuth.percentEncode('oauth_signature')+'="'+OAuth.percentEncode(signature)+'"';
// alert(connectD);
// alert(baseString);
alert(signature);
// Submit request to Google via AJAX
$.ajax({
type: 'POST',
url: 'https://www.google.com/calendar/feeds/default/private/full',
data: eventXML,
dataType: 'xml',
contentType: 'application/atom+xml',
// headers: [
// ['Access-Control-Allow-Origin', '*'],
// ['Authorization', 'OAuth '+connectD]
// ],
beforeSend: function(xhr) {
$("#addEvent").before('<div id="message_center">uploading...<br /></div>');
xhr.setRequestHeader('Authorization', 'OAuth '+connectD);
},
success: function(data, textStatus, jqXHR) {
$("#addEvent").before('<div id="message_center">Success!<br /> Data: '+data+'<br />textStatus: '+textStatus);
console.log(data, textStatus);
},
error: function(jqXHR, textStatus, errorThrown) {
$("#addEvent").before('<div id="message_center">'+textStatus+'<br />'+errorThrown+'</div>');
var res = jqXHR.getAllResponseHeaders();
console.info(jqXHR, textStatus, errorThrown);
},
});
return false;
});