[thelist] including remote/third-party content
David Kaufman
david at gigawatt.com
Fri Jul 27 00:30:57 CDT 2007
Hi Joel,
Joel D Canfield <joel at streamliine.com> wrote:
> our client's site requires a third-party web tool to be built into
> their site. their current site uses frames, allowing the vendor's
> content to spill down and over as far as necessary.
>
> I've avoided frames and iframes since about '96, but I'm not aware of
> any other way to include someone else's page within our own.
>
> Frames, or iframes?
Neither! No, never -- not that! :-)
> random ideas welcome; thinking outside the box is encouraged.
One random idea: if this is a dedicated server where you can turn on
Apache modules that shared-hosting providers tend to turn off, then I
would suggest a reverse proxy. This is exactly what they are for.
I did this just last week to integrate a Google Search appliance
transparently with a group of websites. The webserver transparently
shuttles requests for the Google Mini's front-end web interface off to
the appliance, and delivers its replies to the visitor as if it were its
own web pages. To the end user the application appears to be
"installed" in a subdirectory of the website when, in fact, the search
appliance is a completely different box which could have been a thousand
miles (instead of 2 rack units) away. In fact, by tomorrow morning the
new search app should be live -- it's the site search on
www.gunsandammomag.com
See the ProxyPassReverse directive docs:
http://httpd.apache.org/docs/1.3/mod/mod_proxy.html#proxypassreverse
My setup is exactly as simple as the first reverse proxy example shown:
ProxyPass /searchresults/ http://10.0.0.2/
ProxyPassReverse /searchresults/ http://10.0.0.2/
Boom. done. I've also used this same technique (years ago) to expose an
ASP application running on an IIS/NT webserver behind the company's
firewall seamlessly into their front-end webserver which was a Linux
box.
In that case we needed a few more lines of configuration, to rewrite the
cookies (used for authentication) as they moved back and forth, but it
was still pretty much cake.
Here's an example of someone else doing just that (proxying a backend
Windows server app transparently through a front-end apache server):
http://liststest.squeakfoundation.org/pipermail/seaside/2006-February/006841.html
Reverse proxy's are of course serious voodoo. If the content you want
to expose is just a form, or some flash, or even just html that you want
the "third party" to have to maintain...
Here's an Extra-boxestrial Thought: Think like an ad server.
You put a tag on your page:
<script src="someotherguys.com/cool/tools.js"></script>
His script document.write()'s html, javascript, forms, img tags --
whatever you need -- right into your page.
I did one of these for a friend who wanted to share his frequently
updated (and lovingly maintained) list of current Astronomy related news
stories with other astronomy sites. His site is AstronomyLinks.com and
he calls the service AstroWire: http://astronomylinks.com/astrowire.htm.
All he does is maintain a few static html files like this one:
http://www.gigawatt.com/dk/sidemenu/al_astrowire_2_main.txt
And my (server-side perl) script reads that file, encodes it as
javascript literal strings and outputs a (client-side javascript) script
that will "write" that HTML into anybody's page:
http://www.gigawatt.com/dk/sidemenu/headlines.cgi
In an ironic twist of tags, the end-user includes the link to the CGI,
as if it were a link to a .JS file, like this:
<script language="JavaScript"
src="http://gigawatt.com/dk/sidemenu/headlines.cgi"></script>
And the results look like this:
http://www.gigawatt.com/dk/sidemenu/test_js.html
In a sick test, I also discovered that the technique is not limited to
text. You can document.write() binary data into a page and call it a
gif, and browsers belive you!
That was 5 years a go, and here's a site still using it!
http://www.skyscopes.com/
I guess it's "a poor man's proxy" but hey, it works -- and without
frames! :-)
Hope this helps!
-dave
More information about the thelist
mailing list