Make WordPress Core

Opened 15 years ago

Closed 15 years ago

Last modified 15 years ago

#11062 closed enhancement (wontfix)

Front-end ajax handler

Reported by: prettyboymp's profile prettyboymp Owned by:
Milestone: Priority: normal
Severity: normal Version: 2.9
Component: General Keywords:
Focuses: Cc:

Description

Just wanted to start a discussion on ajax handling for requests from the front-end (non-admin) of the site. There are a couple of things I've come across with this:

First is using admin-ajax.php causes problems if you have the admin running under a different domain than the front-end. Using site_url instead of admin_url fixes the issue with cross site ajax posts, but you still may have to add some extra handling to keep the admin from redirecting to the admin's domain. Extra steps that I think could be easily resolved.

The second issue I've come across is when multiple plugins need a javascript variable to designate the url to admin-ajax.php. They either need to share one variable (unsafe dependency), or each have their own variable set.

I'm curious as to what other developers do, or if anyone feels we should add separate handling for front-end ajax along with a built in enqueueable script that sets the ajax url. I'm

Change History (9)

#1 @prettyboymp
15 years ago

  • Cc mpretty@… added

#2 in reply to: ↑ description ; follow-up: @filosofo
15 years ago

Replying to prettyboymp:

I'm curious as to what other developers do

I just post Ajax data to the current WP page, and I attach a callback method to the "init" action, and when the posted value of my Ajax is set, it does whatever needs to be done, after the requisite verification (user-permission check, nonce check, etc.).

No extra action hooks needed.

#3 follow-up: @dd32
15 years ago

See #9209, [10720]: Fire nopriv actions from post and ajax handlers when user is not logged in

#4 in reply to: ↑ 3 @filosofo
15 years ago

Replying to dd32:

See #9209, [10720]: Fire nopriv actions from post and ajax handlers when user is not logged in

Except that OP seems not to want to have to post to admin URLs, if I'm reading him correctly.

#5 @dd32
15 years ago

Except that OP seems not to want to have to post to admin URLs, if I'm reading him correctly.

I'm aware of that, mearly linking a related ticket and the changeset that closed it.

#6 in reply to: ↑ 2 ; follow-up: @prettyboymp
15 years ago

Replying to filosofo:

I just post Ajax data to the current WP page, and I attach a callback method to the "init" action, and when the posted value of my Ajax is set, it does whatever needs to be done, after the requisite verification (user-permission check, nonce check, etc.).

I've gone this route recently, but felt kind of dirty always having the init hook called to check if certain post variables were submitted. I realize its very little overhead in the scheme of things, but it just felt out of place.

While we're on the subject, is there a reason we don't accept $_REQUEST action for nopriv ajax? That way GET could be used for improved caching between users where needed.

#7 in reply to: ↑ 6 @scribu
15 years ago

Replying to prettyboymp:

While we're on the subject, is there a reason we don't accept $_REQUEST action for nopriv ajax? That way GET could be used for improved caching between users where needed.

trunk does accept $_REQUEST.

#8 @prettyboymp
15 years ago

  • Resolution set to wontfix
  • Status changed from new to closed

closing...thanks for the feedback. Just wasn't sure if always using the init hook was better than adding a front end ajax handler due to issues with the admin being on a different domain.

#9 @Denis-de-Bernardy
15 years ago

  • Milestone Unassigned deleted
Note: See TracTickets for help on using tickets.