Ajax Proxy
Overview
Ajax Proxy is a CFM file located in the /_cs_apps/ directory of your site (Note: this file was copied from the /ADF/core/site-sample/ directory as a part of installation) directory. The concept of the Proxy is to have a single endpoint for all ajax calls into the ADF library and/or Apps that are built. The goal with this single endpoint is two-fold:
- Control security access to the methods within the ADF
- Load the site application space so library and app calls have site level context
Usage
To use the Ajax Proxy in a jQuery get/post call, do the following:
- URL to call is #application.ADF.ajaxProxy#
- Add in the name of the bean you want to call
- Add in the name of the method within that bean you want to call
- Add any other parameters (which will be passed into your function)
Example
If you wanted to call the "getSubsiteStruct()" method (returns an array of subsite data) in the csData_1_0 component you would do the following:
jQuery.get("#application.ADF.ajaxProxy#", { bean: "CSData_1_0", method: "getSubsiteStruct", subsiteURL: "#request.subsite.url#", returnFormat: "json" }, function( results ) ... });
Note: notice how the "bean" (e.g cfc or component) requires the version
Moving Ajax Proxy
As a part of the installation of the ADF you were required to copy the ajaxProxy.cfm located in /ADF/core/site-sample/ into your sites /_cs_apps/ directory. Additionally, you copied ADF.cfc (located in your /_cs_apps/ directory) into the same directory (/_cs_apps).
If you would like to move the Ajax Proxy (say into the root of your site) you must:
- Move the ajaxProxy.cfm file into the root of your site
- Open ADF.cfc (from the /_cs_apps/ directory in your site) and modify the following line:
setAjaxProxyURL("#request.site.csAppsWebURL#ajaxProxy.cfm");
change to:
setAjaxProxyURL("ajaxProxy.cfm");
Security
By default all methods within an application or the ADF library are locked down. To make a method available you must add it to either your applications Proxy White List (recommended) or the global Proxy White List.
If your method performs potentially dangerous actions, you may also want to verify the call is being conducted by a licensed contributor or a site admin.