YUI 3.x Home -

YUI Library Examples: Get: Getting a Script Node with JSON Data

Get: Getting a Script Node with JSON Data

This example employs the YUI Get Utility in a simple use case: retrieving JSON data from a cross-domain web service. While this is a relatively common usage, it's important to understand the security ramifications of this technique. Scripts loaded via the Get Utility (or any other "script node" solution) execute immediately once they are loaded. If you do not fully control (or fully trust) the script's source, this is not a safe technique and it can put the security of your users' data at risk. (For more information on the dangers of cross-site scripting [XSS] exploits, check out the Wikipedia entry on this subject.)

Here, we will use a trusted Yahoo! Search web service called Site Explorer to return a list of inbound links for a given URL. The principal difference between this example and similar examples using YUI IO Utility is that this technique does not require a server-side proxy. The browser connects directly to the third-party web service without bouncing through a proxy page as is required when using the XMLHttpRequest object (on which IO Utility relies).

Using the Get Utility to Get a Script File with JSON-formatted Contents

Here, we'll use the YUI Get Utility to retrieve data via the Yahoo! Search Site-Explorer web service, one of many Yahoo! APIs that support JSON.

First, we create a plain HTML form that will work for users who do not have JavaScript enabled:

  1. <div id="container">
  2. <!-- Use a real form that works without JavaScript: -->
  3. <form method="GET" action="http://siteexplorer.search.yahoo.com/advsearch" id="siteExplorer">
  4. <label for="searchString">Site URL:</label>
  5. <input type="text" name="searchString" id="p" value="http://developer.yahoo.com/yui" size="40">
  6. <input type="hidden" name="bwm" value="i">
  7. <input type="hidden" name="bwms" value="p">
  8. <input type="submit" id="siteExplorerButton" value="Click here to get JSON data.">
  9. </form>
  10. <div id="results">
  11. <!--JSON output will be written to the DOM here-->
  12. </div>
  13. </div>
<div id="container">
  <!-- Use a real form that works without JavaScript: -->
  <form method="GET" action="http://siteexplorer.search.yahoo.com/advsearch" id="siteExplorer">
    <label for="searchString">Site URL:</label>
    <input type="text" name="searchString" id="p" value="http://developer.yahoo.com/yui" size="40">
    <input type="hidden" name="bwm" value="i">
    <input type="hidden" name="bwms" value="p">
    <input type="submit" id="siteExplorerButton" value="Click here to get JSON data.">
  </form>
  <div id="results">
    <!--JSON output will be written to the DOM here-->
  </div>
</div>

With this in place, we can progressively enhance the form to create an in-page interaction for users with JavaScript turned on.

The most important JavaScript piece here is the method that we fire on form submission. This method triggers our call to the Get Utility. This method, called getSiteExplorerData, accomplishes four things:

  1. It loads a transitional state for the display, alerting the user to the fact that data is being retrieved as a result of her action;
  2. It prepares the URL that will be passed to the Get Utility;
  3. It calls the Get Utility, passing in the URL of the script resource to load (in this case, the URL of our web service with the relevant paramaters assembled in the querystring);
  4. It specifies the callback and the context in which the callback should run. Note that in this example the web service itself provides callback functionality, allowing us to pass a globally accessible callback function name as one of the parameters of the REST API; you can see this reference below. As a result, we're making direct use of the intrinsic web service callback in this example and just stubbing out the built-in Get Utility callback for the sake of illustration.

  1. //function to retrieve data from Yahoo! Site Explorer web service --
  2. // http://developer.yahoo.com/search/siteexplorer/V1/inlinkData.html
  3.  
  4. var getSiteExplorerData = function() {
  5. Y.log("Button clicked; getSiteExplorerData firing.", "info", "example");
  6.  
  7. // block multiple requests
  8. if (loading) {
  9. return;
  10. }
  11. loading = true;
  12.  
  13. //Load the transitional state of the results section:
  14. elResults.set("innerHTML", "<h3>Retrieving incoming links for " +
  15. Y.one("#searchString").get('value') + ":</h3>" +
  16. "<img src='http://l.yimg.com/a/i/nt/ic/ut/bsc/busybar_1.gif' " +
  17. "alt='Please wait...'>");
  18.  
  19. //prepare the URL for the Yahoo Site Explorer API:
  20. var sURL = "http://search.yahooapis.com/SiteExplorerService/V1/inlinkData?" +
  21. "appid=3wEDxLHV34HvAU2lMnI51S4Qra5m.baugqoSv4gcRllqqVZm3UrMDZWToMivf5BJ3Mom" +
  22. "&results=20&output=json&omit_inlinks=domain" +
  23. "&callback=MyNamespace.callback" +
  24. "&query=" + encodeURIComponent(Y.one("#searchString").get('value'));
  25.  
  26. //This simple line is the call to the Get Utility; we pass
  27. //in the URL and the configuration object, which in this case
  28. //consists merely of our success and failure callbacks:
  29. var transactionObj = Y.Get.script(sURL, {
  30. onSuccess: onSiteExplorerSuccess,
  31. onFailure: onSiteExplorerFailure,
  32. onTimeout: onSiteExplorerTimeout,
  33. timeout: 20000,
  34. context: Y
  35. });
  36.  
  37. //The script method returns a single-field object containing the
  38. //tranaction id:
  39. Y.log("Get Utility transaction started; transaction object: " + Y.dump(transactionObj), "info", "example");
  40.  
  41. // keep track of the current transaction id. The transaction will be
  42. // considered complete only if the web service callback is executed.
  43. current = transactionObj.tId;
  44. };
//function to retrieve data from Yahoo!  Site Explorer web service --
// http://developer.yahoo.com/search/siteexplorer/V1/inlinkData.html
 
var getSiteExplorerData = function() {
    Y.log("Button clicked; getSiteExplorerData firing.", "info", "example");
 
    // block multiple requests
    if (loading) {
        return;
    }
    loading = true;
 
    //Load the transitional state of the results section:
    elResults.set("innerHTML", "<h3>Retrieving incoming links for " +
        Y.one("#searchString").get('value') + ":</h3>" +
        "<img src='http://l.yimg.com/a/i/nt/ic/ut/bsc/busybar_1.gif' " +
        "alt='Please wait...'>");
 
    //prepare the URL for the Yahoo Site Explorer API:
    var sURL = "http://search.yahooapis.com/SiteExplorerService/V1/inlinkData?" +
        "appid=3wEDxLHV34HvAU2lMnI51S4Qra5m.baugqoSv4gcRllqqVZm3UrMDZWToMivf5BJ3Mom" +
        "&results=20&output=json&omit_inlinks=domain" +
        "&callback=MyNamespace.callback" +
        "&query=" + encodeURIComponent(Y.one("#searchString").get('value'));
 
    //This simple line is the call to the Get Utility; we pass
    //in the URL and the configuration object, which in this case
    //consists merely of our success and failure callbacks:
    var transactionObj = Y.Get.script(sURL, {
        onSuccess: onSiteExplorerSuccess,
        onFailure: onSiteExplorerFailure,
        onTimeout: onSiteExplorerTimeout,
        timeout: 20000,
        context: Y
    });
 
    //The script method returns a single-field object containing the
    //tranaction id:
    Y.log("Get Utility transaction started; transaction object: " + Y.dump(transactionObj), "info", "example");
 
    // keep track of the current transaction id.  The transaction will be
    // considered complete only if the web service callback is executed.
    current = transactionObj.tId; 
};

The full JavaScript codeblock for this example reads as follows:

  1. // We are going to create a global variable to get the
  2. // data back from the web service
  3. MyNamespace = YUI.namespace('example.SiteExplorer');
  4.  
  5. var elResults = Y.one("#results"),
  6. tIds = {},
  7. loading = false,
  8. current = null;
  9.  
  10. // We use the Get Utility's success handler in conjunction with
  11. // the web service callback in order to detect bad responses
  12. // from the web service.
  13. var onSiteExplorerSuccess = function(o) {
  14.  
  15. // stop blocking requests
  16. loading = false;
  17.  
  18. // A success response means the script node is inserted. However, the
  19. // utility is unable to detect whether or not the content of the script
  20. // node is correct, or even if there was a bad response (like a 404
  21. // error). To get around this, we use the web service callback to
  22. // verify that the script contents was correct.
  23. if (o.tId in tIds) {
  24. Y.log("The Get Utility has fired the success handler indicating that the " +
  25. "requested script has loaded and is ready for use.", "info", "example");
  26. } else {
  27. Y.log("The Get utility has fired onSuccess but the webservice callback did not " +
  28. "fire. We could retry the transaction here, or notify the user of the " +
  29. "failure.", "info", "example");
  30. }
  31.  
  32. };
  33.  
  34. var onSiteExplorerFailure = function(o) {
  35. Y.log("The Get Utility failed.", "info", "example");
  36. };
  37.  
  38. var onSiteExplorerTimeout = function(o) {
  39. Y.log("The Get Utility timed out.", "info", "example");
  40. };
  41.  
  42. //function to retrieve data from Yahoo! Site Explorer web service --
  43. // http://developer.yahoo.com/search/siteexplorer/V1/inlinkData.html
  44. var getSiteExplorerData = function() {
  45. Y.log("Button clicked; getSiteExplorerData firing.", "info", "example");
  46.  
  47. // block multiple requests
  48. if (loading) {
  49. return;
  50. }
  51. loading = true;
  52.  
  53. //Load the transitional state of the results section:
  54. elResults.set("innerHTML", "<h3>Retrieving incoming links for " +
  55. Y.one("#searchString").get('value') + ":</h3>" +
  56. "<img src='http://l.yimg.com/a/i/nt/ic/ut/bsc/busybar_1.gif' " +
  57. "alt='Please wait...'>");
  58.  
  59. //prepare the URL for the Yahoo Site Explorer API:
  60. var sURL = "http://search.yahooapis.com/SiteExplorerService/V1/inlinkData?" +
  61. "appid=3wEDxLHV34HvAU2lMnI51S4Qra5m.baugqoSv4gcRllqqVZm3UrMDZWToMivf5BJ3Mom" +
  62. "&results=20&output=json&omit_inlinks=domain" +
  63. "&callback=MyNamespace.callback" +
  64. "&query=" + encodeURIComponent(Y.one("#searchString").get('value'));
  65.  
  66. //This simple line is the call to the Get Utility; we pass
  67. //in the URL and the configuration object, which in this case
  68. //consists merely of our success and failure callbacks:
  69. var transactionObj = Y.Get.script(sURL, {
  70. onSuccess: onSiteExplorerSuccess,
  71. onFailure: onSiteExplorerFailure,
  72. onTimeout: onSiteExplorerTimeout,
  73. timeout: 20000,
  74. context: Y
  75. });
  76.  
  77. //The script method returns a single-field object containing the
  78. //tranaction id:
  79. Y.log("Get Utility transaction started; transaction object: " + Y.dump(transactionObj), "info", "example");
  80.  
  81. // keep track of the current transaction id. The transaction will be
  82. // considered complete only if the web service callback is executed.
  83. current = transactionObj.tId;
  84. };
  85.  
  86. MyNamespace.callback = function(results) {
  87. Y.log("Web service returned data to Y.example.SiteExplorer.callback; beginning to process.", "info", "example");
  88.  
  89. // Mark the transaction as complete. This will be checked by the onSuccess
  90. // handler to determine if the transaction really succeeded.
  91. tIds[current] = true;
  92.  
  93. //work with the returned data to extract meaningful fields:
  94. var aResults = results.ResultSet.Result;
  95. var totalLinks = results.ResultSet.totalResultsAvailable;
  96. var returnedLinkCount = results.ResultSet.totalResultsReturned;
  97.  
  98. if(aResults) {//there are inbound links; process and display them:
  99.  
  100. //write header and open list of inbound links:
  101. var html = "<h3>There are " +
  102. totalLinks +
  103. " inbound links for this page; here are the first " +
  104. returnedLinkCount +
  105. ":</h3><ol>";
  106.  
  107. //process list of inbound links:
  108. for (var i=0; i < aResults.length; i++) {
  109. html += "<li><strong>" +
  110. aResults[i].Title +
  111. ":</strong> <a href='" +
  112. aResults[i].Url +
  113. "'>" + aResults[i].Url +
  114. "</a></li>";
  115. }
  116.  
  117. //close list of inbound links
  118. html += "</ol>";
  119.  
  120. } else {//no inbound links exist for this page:
  121.  
  122. var html = "<h3>There are no inbound links for the page specified.</h3>";
  123.  
  124. }
  125.  
  126. //insert string into DOM:
  127. elResults.set('innerHTML', html);
  128. };
  129.  
  130. //suppress default form behavior
  131. Y.on("submit", function(e) {
  132. e.preventDefault();
  133. getSiteExplorerData();
  134. }, "#siteExplorer");
  135.  
// We are going to create a global variable to get the 
// data back from the web service
MyNamespace = YUI.namespace('example.SiteExplorer');
 
var elResults = Y.one("#results"),
    tIds = {},
    loading = false,
    current = null;
 
// We use the Get Utility's success handler in conjunction with
// the web service callback in order to detect bad responses 
// from the web service.
var onSiteExplorerSuccess = function(o) {
 
    // stop blocking requests
    loading = false;
 
    // A success response means the script node is inserted.  However, the
    // utility is unable to detect whether or not the content of the script
    // node is correct, or even if there was a bad response (like a 404
    // error).  To get around this, we use the web service callback to
    // verify that the script contents was correct.
    if (o.tId in tIds) {
Y.log("The Get Utility has fired the success handler indicating that the " +
      "requested script has loaded and is ready for use.", "info", "example");
    } else {
Y.log("The Get utility has fired onSuccess but the webservice callback did not " +
      "fire.  We could retry the transaction here, or notify the user of the " +
      "failure.", "info", "example");
    }
 
};
 
var onSiteExplorerFailure = function(o) {
Y.log("The Get Utility failed.", "info", "example");
};
 
var onSiteExplorerTimeout = function(o) {
Y.log("The Get Utility timed out.", "info", "example");
};
 
//function to retrieve data from Yahoo! Site Explorer web service --
// http://developer.yahoo.com/search/siteexplorer/V1/inlinkData.html
var getSiteExplorerData = function() {
    Y.log("Button clicked; getSiteExplorerData firing.", "info", "example");
 
    // block multiple requests
    if (loading) {
        return;
    }
    loading = true;
 
    //Load the transitional state of the results section:
    elResults.set("innerHTML", "<h3>Retrieving incoming links for " +
        Y.one("#searchString").get('value') + ":</h3>" +
        "<img src='http://l.yimg.com/a/i/nt/ic/ut/bsc/busybar_1.gif' " +
        "alt='Please wait...'>");
 
    //prepare the URL for the Yahoo Site Explorer API:
    var sURL = "http://search.yahooapis.com/SiteExplorerService/V1/inlinkData?" +
        "appid=3wEDxLHV34HvAU2lMnI51S4Qra5m.baugqoSv4gcRllqqVZm3UrMDZWToMivf5BJ3Mom" +
        "&results=20&output=json&omit_inlinks=domain" +
        "&callback=MyNamespace.callback" +
        "&query=" + encodeURIComponent(Y.one("#searchString").get('value'));
 
    //This simple line is the call to the Get Utility; we pass
    //in the URL and the configuration object, which in this case
    //consists merely of our success and failure callbacks:
    var transactionObj = Y.Get.script(sURL, {
        onSuccess: onSiteExplorerSuccess,
        onFailure: onSiteExplorerFailure,
        onTimeout: onSiteExplorerTimeout,
        timeout: 20000,
        context: Y
    });
 
    //The script method returns a single-field object containing the
    //tranaction id:
    Y.log("Get Utility transaction started; transaction object: " + Y.dump(transactionObj), "info", "example");
 
    // keep track of the current transaction id.  The transaction will be
    // considered complete only if the web service callback is executed.
    current = transactionObj.tId; 
};
 
MyNamespace.callback = function(results) {
    Y.log("Web service returned data to Y.example.SiteExplorer.callback; beginning to process.", "info", "example");
 
    // Mark the transaction as complete.  This will be checked by the onSuccess
    // handler to determine if the transaction really succeeded.
    tIds[current] = true;
 
    //work with the returned data to extract meaningful fields:
    var aResults = results.ResultSet.Result;
    var totalLinks = results.ResultSet.totalResultsAvailable;
    var returnedLinkCount = results.ResultSet.totalResultsReturned;
 
    if(aResults) {//there are inbound links; process and display them:
 
        //write header and open list of inbound links:          
        var html = "<h3>There are " +
            totalLinks + 
            " inbound links for this page; here are the first " + 
            returnedLinkCount +
            ":</h3><ol>";
 
        //process list of inbound links:
        for (var i=0; i < aResults.length; i++) {
            html += "<li><strong>" +
                aResults[i].Title +
                ":</strong> <a href='" +
                aResults[i].Url +
                "'>" + aResults[i].Url +
                "</a></li>";
        }
 
        //close list of inbound links
        html += "</ol>";
 
    } else {//no inbound links exist for this page:
 
        var html = "<h3>There are no inbound links for the page specified.</h3>";
 
    }
 
    //insert string into DOM:
    elResults.set('innerHTML', html);
};
 
//suppress default form behavior
Y.on("submit", function(e) {
    e.preventDefault();
    getSiteExplorerData();
}, "#siteExplorer");
 

Copyright © 2009 Yahoo! Inc. All rights reserved.

Privacy Policy - Terms of Service - Copyright Policy - Job Openings