1

I asked a question earlier but did not word it correctly so it got brushed over.

Basically, I am creating a windows 7 gadget that will access XML data from www.weather.gov and display some current conditions. 

        function weat()
        {

            var url = "http://www.weather.gov/xml/current_obs/KMSY.xml";


            source.open("GET", url, false);
            source.send(null);
            info = source.responseXML;

            document.write("<table border='1'>");
            var stuff = info.getElementsByTagName("temp_f");

            document.write("<tr><td>");
            document.write(stuff);
            document.write("</tr></td>");
            document.write("</table>");

        }

Basically I am trying to get this to work from my desktop, and I'm not totally sure what the problem is. I still think it is a cross-site problem, since stuff prints as undefined, but I'm not totally sure of that. If anyone could help me, I've been googling possible solutions for about 6 hours now and I'm getting pretty frustrated.

Eric
  • 49
  • 4

2 Answers2

1

You either need a server-side proxy or you need to find a weather service that supports JSONP

jiggy
  • 3,828
  • 1
  • 25
  • 40
  • How would a proxy or JSONP help? – Albireo Jul 19 '11 at 11:53
  • @Albireo, If you configure a web server on your own domain that proxies requests to weather.gov, your script can get the data from it's own domain thus avoiding the security restriction. JSONP works via ` – jiggy Jul 19 '11 at 14:33
  • A Windows' gadget does not have a domain, there is no such thing as "Same Origin Policy" (I'm saying this out of experience, I currently have a Windows 7 gadget I created which fetches a `text/plain` from a "outside" domain, and it works with a simple XHR). – Albireo Jul 19 '11 at 15:12
  • @Albireo, Ah, it seems you are correct. OP marked me as correct though. Was this actually fixed or not? – jiggy Jul 19 '11 at 15:31
  • Hmm. I still haven't quite fixed the problem, but I marked this as correct because I assumed this was impossible. As of right now, it still doesn't quite work, but it's completely possible that the XML request is not the problem – Eric Jul 19 '11 at 18:55
0

I'm not familiar with Gadget. But in desktop browsers, I'm afraid Same origin policy prevent from any cross domain access.

One exception is that in Chromium, local pages (file://) can access remote URL only if --disable-web-securities is set when starting Chromium in command line.

Ghostoy
  • 2,689
  • 19
  • 18
  • Windows' gadget does not enforce the same origin policy (BTW, there is no "domain" to begin with), they allow AJAX requests to any domain. – Albireo Jul 19 '11 at 11:50