Not exactly sure what you are asking. I think you are asking how to use CF as a proxy server. This in and of itself is fairly easy but I think I would need to know more specifics as to why as simply proxy services might not be the best solution. Why can't you use CORS? Assuming CORS is really not an option, JSONP would be the next "standard" way to accomplish what I think you are asking. Need more details...
Thanks, Steve. I probably don't use the correct terms but yes. I'm exploring other alternatives and I came across a thread in jQuery to suggest using CF as a proxy server. However, I have never done much with ColdFusion. I'm in the process of asking if the API provider have their servers CORS enable. If not, then I may have to resort to CF proxy server if there are no other better alternatives. Will you provide links/information on the JSONP option? I have tried using .getJSON and came across the No 'Access-Control-Allow-Origin' header is present on the requested resource error; thus, I'm in the hunt for a solution.
Okay, I just found out that JSONP will make the API key public. I don't think this is what I want. Is there a way to hide it? If not, I'm guessing then the CF proxy server may be the solution?
I'm guessing that CORS will have the same issue then as there is not any difference between CORS and JSONP at an API credential level. To write a proxy, look up CFHTTP and CFCONTENT. These two tags are probably a majority of what you need. The only other tags/functions would be anything needed (if needed) to translate from the native API provider response and what you need for your AJAX request (may also need to look at serializeJSON function).
Thanks for the input. Let me know ask a dumb question. If I already have the data via CFHTTP, what's the advantage of making it available for AJAX to call?
I guess I would need to know more of what you are trying to do. Making it available via an AJAX call can let you do client-side "do something" logic but depending on the project, the "do something" may be easier and more straight forward to do server-side. The short answer is: It depends.
I do not want to reveal the API key to the public and do not want the page to refresh/reload every time there is a change in the page. Are there any samples of CF proxy server that I can take a look?
To hide the API key, you will need to use CF to act as a proxy.
If you want your application to behave like a Single Page Application (SPA) (e.g. content is updated or changed on the page without a full page refresh), then you'll need to use AJAX to make that happen. If you don't mind the page refresh, then all the work can be done server-side.
Can I use something like CFAjaxproxy for this? If so, will it hide my API key?
Okay, so basically in my .cfc file, I do a remote method to query my JSON data and then on my .cfm file I will be able to do $.getJSON to this .cfc file to grab all the data, correct?
I should elaborate on this. Basically, you need a four-step process:
- That ColdFusion CFM/CFC makes an API request (likely via CFHTTP). There may be multiple parts to this to authenticate to the API and get a token/key, then use that key to make the actual API request.
- API server returns a response with the requested data.
- The ColdFusion CFM/CFC passes that response back to the browser.
Since the API key only comes into play in step 2 and is solely between the ColdFusion server and the API server, that key is never shared with the browser
Right now, I am already have step 2 and 3 done. I just need clarification on how to do 1 and 4. This is my current code to display the data from the chttp api call.
<h3>The URL you requested does not provide valid JSON</h3>
<!--- If the data is in JSON format, deserialize it. --->
<!---<cfdump var=#cfData# >--->
<cfif structKeyExists(cfData, 'data')>
How do I modify this code to pass this information to the client's browser?