Hack 59. Find Out Whether Ajax Is Calling in the Request

Previous page
Table of content
Next page

Discover whether XMLHttpRequest or a URL in a browser is requesting an action.

One of the issues with defining simple actions in Ruby on Rails is that once an action that responds with a fine-grained value (such as a string or small HTML chunk) is defined, users can make direct requests for that little value in their browsers. But chances are, those values were designed only for XMLHttpRequest objects.

For example, "Periodically Make a Remote Call" [Hack #61] uses the request object to periodically get a string representing the current date. It calls an action named increment, which looks like this in the controller object:

def increment     tz=TimeZone.create("TZ",-60*60*5)         render :text => tz.now(  ).to_s     end end

You don't want the users to be able to call this action directly in their browsers, as in http://localhost:3000/hacks/increment, because it is designed only for calling by Ajax behind the scenes.

Are You XMLHttpRequest?

Thankfully, the Rails API has a method that can detect whether a request involves XMLHttpRequest or not. Here's how we can change our action in the controller:

def increment     tz=TimeZone.create("TZ",-60*60*5)     if @request.xml_http_request?(  )     render :text => tz.now(  ).to_s     end end

This action renders the specified text only if the request originates from XMLHttpRequest. @request is an instance variable that is available inside the ActionController class. Its xml_http_request?( ) method returns true if the request includes an X-Requested-With header containing the value XMLHttpRequest.

The Prototype package will include this header with those types of requests.


If the if condition returns false in the code sample, the controller object displays a view with the action name increment. In other words, it looks for <web-app-root>/views/hacks/increment.rhtml. If this view is not available, Rails raises an exception along the lines of "template increment.rhtml missing."

If you use Ajax a lot with Rails, you will find that a number of actions are defined solely for Ajax-related requests. This technique is a handy way to ensure that requests that don't originate from the request object are rejected.



Previous page
Table of content
Next page
Ajax Hacks
Ajax Hacks: Tips & Tools for Creating Responsive Web Sites
ISBN: 0596101694
EAN: 2147483647
Year: 2006
Pages: 138
Authors: Bruce W. Perry
BUY ON AMAZON
Snort Cookbook
Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More
Building Web Applications with UML (2nd Edition)
Competency-Based Human Resource Management
Microsoft WSH and VBScript Programming for the Absolute Beginner
HTI+ Home Technology Integrator & CEDIA Installer I All-In-One Exam Guide
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy