<

ASP.NET Proxy Page – Used for Cross Domain Requests from AJAX and JavaScript

Published on
17,469 Points
10,469 Views
5 Endorsements
Last Modified:
Approved
Community Pick
One of the pain points with developing AJAX, JavaScript, JQuery, and other client-side behaviors is that JavaScript doesn’t allow for cross domain request for pulling content. For example, JavaScript code on www.johnchapman.name could not pull content or data from www.bing.com.  I have found this particularly painful when doing SharePoint development.

One way to overcome this issue is by using a server-side proxy on the site running the JavaScript code. There is already are well documented PHP solutions on the web, however I couldn’t find very many .NET-based solutions. This simple C# code takes the URL passed to it through the URL encoded query string, retrieves the content of the URL using an HttpWebRequest and outputs in the original form it as if it were content on the site.

The following code can be added to an ASP.NET application or to SharePoint.  For SharePoint, you can place the two files (Proxy.aspx and Proxy.aspx.cs) into the "_layouts" folder (c:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\TEMPLATE\LAYOUTS).

Please Note: To keep this example simple and to the point it does not contain any error exception handling and such.  You can modify this code and add error handling as you see fit.  Also, allowing all websites to be proxied through your site could allow for malicious site content to appear as if they are coming from your site.  The Query String method below is not recommended for use on publicly accessible websites, instead use an ID in the Query String and lookup the actual URL from a database.  This will put you in complete control of the sites allowed to be proxied.


 Complete Proxy.aspx.cs
using System;
using System.Collections.Generic;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Net;
using System.IO;

namespace Proxy {
    public partial class _Proxy : System.Web.UI.Page {
        protected void Page_Load(object sender, EventArgs e) {
            string proxyURL = string.Empty;
            try {
                proxyURL = HttpUtility.UrlDecode(Request.QueryString["u"].ToString());
            }
            catch { }

            if (proxyURL != string.Empty) {
                HttpWebRequest request = (HttpWebRequest)WebRequest.Create(proxyURL);
                request.Method = "GET";
                HttpWebResponse response = (HttpWebResponse)request.GetResponse();

                if (response.StatusCode.ToString().ToLower() == "ok") {
                    string contentType = response.ContentType;
                    Stream content = response.GetResponseStream();
                    StreamReader contentReader = new StreamReader(content);
                    Response.ContentType = contentType;
                    Response.Write(contentReader.ReadToEnd());
                }
            }
        }
    }
}

Open in new window



Proxy.aspx.cs Breakdown

You will need to make sure at least the above listed "using" references have been added to the code-behind and that code is added to the Page_Load section of the code-behind.
Since we are using a Query String to determine which page we are retrieving for the proxy in this example, we will need to get the value of the Query String and if no value is found, not to attempt to retrieve anything.  If you wanted to you could hard code a URL in the code if it was not going to be reused for any other pages.  Also, you could store the URL's in a database and use an ID in the Query String rather than putting the URL in the Query String.  It is important to remember that Query Strings only support certain characters.  If you have special characters it is important to URL Encode the Query String.  This site can be used to create URL Encoded strings for you: http://www.albionresearch.com/misc/urlencode.php.
If a value was found for the Query String in this example, we will create a new HttpWebRequest.  If you would like more information on the HttpWebRequest class, visit the following MSDN page: http://msdn.microsoft.com/en-us/library/system.net.httpwebrequest.aspx.
Using the request's GetResponse() method, we get a response (the remote page content).  However, we first need to make sure that we received a valid response ("ok").  We might not receive a valid response if we receive a 404 Not Found, 500 Internal Server Error, 401 Unauthorized or other normal HTTP error.
If our response is OK, we use the Stream (data) of the response and output it to the page content.

Note: After the "if (response.StatusCode.ToString().ToLower() == "ok") { … }" snippet, you could add an else statement to output the StatusCode to an error log so that you can troubleshoot if necessary.  

This tutorial shows a simplified method for retrieving remote content and displaying it on your site so that AJAX, JQuery, JavaScript, etc can access to remote content.  When using this code, it is important to consider security concerns and error handling to ensure the best implementation of a proxy page.


Proxy.aspx
<%@ Page Language="C#" 
         AutoEventWireup="true" 
         CodeBehind="Proxy.aspx.cs" 
         Inherits="Proxy._Proxy" %>

Open in new window


The Proxy.aspx page is simply blank except for the Page tag. When passing the URL to the query string, it is important that it is URL encoded. This helps to prevent query strings of the remote site URL from interfering with the Proxy page.


Example Usage
http://www.yourdotnetapplication.com/proxy.aspx?u=http%3a%2f%2fwww.google.com
http://www.yoursharepointsite.com/_layouts/proxy.aspx?u=http%3a%2f%2fwww.google.com

Open in new window



The original article as well as source code can be found at:
http://www.johnchapman.name/aspnet-proxy-page-cross-domain-requests-from-ajax-and-javascript/
5
Author:chapmanjw
Enjoy this complimentary article view.

Get unlimited access to our entire library of technical procedures, guides, and tutorials written by certified industry professionals.

Get 7 days free
Click here to view the full article

Using this article for work? Experts Exchange can benefit your whole team.

Learn More
COLLABORATE WITH CERTIFIED PROFESSIONALS
Experts Exchange is a tech solutions provider where users receive personalized tech help from vetted certified professionals. These industry professionals also write and publish relevant articles on our site.
Ask questions about what you read
If you have a question about something within an article, you can receive help directly from the article author. Experts Exchange article authors are available to answer questions and further the discussion.
Learn from the best.