There are workarounds using crossdomain files to solve someo of these problems. However, we do not support a crossdomain file for our freeapi.daylife.com domain that lets your widget read data from anywhere.
To work-around these security issues, you need a proxy that you can host on the same domain as your widget and that proxies all DayPI calls.
Read more below to learn how to use this proxy.
The attached code in PHP has the following features:
- You provide a partial urelconded DayPI URL in the request parameter of this API. For e.g., if your API call is supposed to be:
you provide the following value to the request parameter:
Idea is to take the portion of the DayPI URL beyond the domain name http://freaapi.daylife.com/ and urlencode it. If you host this PHP file in the document root of your server (say http://example.com), your widget will make the API call using the proxy as follows:
- If you are requesting json data, you can add a parameter __callbackto the proxy.php with a value of the function name that you want. The __callback parameter (__callback
=function) wraps the JSON output text in parentheses and a function name of your choosing.
- The proxy gives you an easy way to make customizations with how you call the DayPI without having to worry about your widget code. For e.g., if you want all your API calls to be source filtered, you can add that source filter in the DayPI call by changing the proxy code and not have to worry about changing the widget code.