Google Maps???

fnbcprog

Does anyone know how the actual code for google maps works?

The reason I ask is because all the information I read says Cross-Domain XMLHttpReqest (XHR) is disabled by default in browsers. If this is true how are they fetching images and everything.

I don't want to know lat/long information or general stuff. I need to know exactly what is going on....

Any help would be greatly appreciated.

etully

It's true that Cross-Domain XMLHttpReqest is disabled in most browsers.

Removed incorrect information - sorry for the confusion

fnbcprog

I have done this and I still get the permission denied error....

bpat1434

Typically, you can do as many XHR to the local domain as you wish. Most browsers disable remote XHR for a purpose. So try and keep it local. That's been my best bet.

MarkR

I would assume that Google Maps uses an IFRAME to keep the maps, then the document inside that frame comes from Google's server, hence an XHR object created by code in that page is allowed to connect to their server.

It's not clear how it' possible to script objects from the other domain; this is not normally possible either.

Mark

etully

Google maps does not use iFrames. I installed the code supplied here:
http://www.ajaxextended.com
and I've been trying to figure out how it works. As best I can tell, it (and possibly Google too), alter the DOM rather than use the traditional xmlHttpRequest methods.

The good news, I know it works. The bad news, I don't know how.

etully

To be a little more specific, I do know this about AjaxExtended's solution. Imagine three servers, A, B, and C. You install server side code on B. Once that's done, you can include Javascript on web pages on server A that will allow these web pages to access Server C. The part I understand is that server B works as a proxy to server C (using PEAR). Server A creates the page that includes Javascript from server B. Then it talks to server B (I don't know how) and server B uses PEAR to go out to Server C and returns the result to the web pages that were created by Server A.

So the effect is that server A pages can talk to server C - which is a function that is expressly prohibited by the XMLHttpRequest methods, as you said.

altyfc

Just came across this thread from a Google search... implementing Google Maps isn't as easy as you might envisage. We've tried to overcome this with the development of the site at http://www.aardvarkmap.net which essentially just attempts to bridge the gap between webmaster and GM, and is designed to make adding maps to your website much easier. Please take a look and see what you think. I'd be grateful to hear opinions, and I hope this is helpful to some of you grappling with the code.

Thanks

Aaron

etully

Thank you altyfc. The discussion at hand was a question about how Google is able to conduct xmlHttpRequest's from someone else's web site.

Most web browsers are designed to NOT jump outside the current domain to external servers which stymies many Ajax programmer's attempts to include code from other domains which raises the question, "How does Google do it?" As best I can tell so far, I think that they dynamically write Javascript onto your web page that alters the behavior of the xmlHttpRequest method in the browser's DOM... but I'm not sure. Any insight you have would be appreciated.

bpat1434

Is it not a possibility that they just have a background PHP/ASP/C# (whatever language) page that goes offsite and retrieves it and sends it back via xmlHTTPRequest? That's one way that would work, and isn't limited by JavaScript's xmlHttpRequest domain.

etully

No. That's not a possibility. Try this experiment:

Create a web page on a domain (www.foo.com) that has a PHP script that answers Ajax requests This is your "Google".
Create a web page on another domain (www.bar.com) that has an HTML page with a little Ajax routine that connects to the script on the other domain. This is your personal web site.
Use a web browser to pull up the HTML file on www.bar.com. Watch as it is unable to connect to www.foo.com
Now move the PHP script from www.foo.com over to www.bar.com (the same domain as the HTML file) and change the HTML file so that connects to the the php script on the same server. Notice that it works perfectly.

The Javascript that is built into web browsers is designed not to use Ajax to connect to sites in other domains. (Raising the question, "How does Google do it?"). Again, the only answer I have is that when you install Google's code on your web site and it runs inside someone's web browser, it actually changes the way Javascript is allowed to behave.

The reason that web browsers are built with this limitation is to prevent XSS hacks. For example, imagine if, inside this very message I'm typing right now, I inserted some Ajax and Javascript code that reads cookies. It could read your username and password cookie and then, even though you are on the phpbuilder.com web site, my injected Ajax code could pass that u/p information to a PHP script over on www.evil-xss-hackers.com which writes it to a database. The simple act of viewing this web page could send all your cookie information over to another web site. Javascript can also read DIV tags so I could see things that are only supposed to appear on your screen.

And the original poster's question was, despite this protection, how is Google able to make anyone's web site use Ajax to include their Google maps on their external site? Any insight appreciated.

Hido

Google map is a great subject and I've spent some time to think about it. I enjoy following it. OK!!!

Hidayet Akkaya

markcausa

Hmmm. I've been wondering how it works also for a long time. It works great and I like the API they offer, but how does it work?!