You need to sign in to do that
Don't have an account?
Shin
AJAX Remote Proxy and "Endpoint protocol mismatch" error
Recently I have a chance to use a new feature called "AJAX Proxy", which enables the web service callouts from S-Control pages, and just tried it to access an external XML web services. But I got a following error when invoking a web services which is provided via "http" scheme. The error tells me that "400 Endpoint protocol(http/https) mismatch:".
I can't understand why such a restriction has been introduced. I'm seeing it is kind of excessive regulation and narrowing the possibility of AJAX Proxy. I can work around it by setting my S-Control page url from https: to http:, but changing user's page unsecure seems not to be recommended.
This feature is what we've longly waited for. I want to use it, but the restriction disturbs.
Shinichi
I can't understand why such a restriction has been introduced. I'm seeing it is kind of excessive regulation and narrowing the possibility of AJAX Proxy. I can work around it by setting my S-Control page url from https: to http:, but changing user's page unsecure seems not to be recommended.
This feature is what we've longly waited for. I want to use it, but the restriction disturbs.
Shinichi
You're right. Under some situation end-to-end security is really necessary in order to prevent leakage of sensitive data. But on the other hand there are situations where it is not so. We can find prenty of non-sensitive (light weight) web services in the internet. In fact, how many web sites are providing their RSS feeds via SSL? Not so many. If we prevent all non-secure request we lose opportunities to integrate these light weight web service resources.
I think SFDC should provide an option which enables users to select seculity level of the remote site request.
Shinichi
http://ideas.salesforce.com/article/show/70257/Allow_http_web_services_callout_in_AJAX_Proxy
your scontrol is in an iframe, so only that frame's window should need to be set to http
in the onload() i call init()
function init() {
var l = window.location;
if ( l.protocol == 'https:' ) {
l.href = l.href.replace(/https/,'http');
}
now, my scontrol can call out to RSS feeds and consume them.
i'm not a security expert, so please consult your nearest expert on how safe this is.
Hi, i used this code and i found it works. But... the "Endpoint protocol mismatch" error is produced because the program doesn't wait until the page refreshing.
So please, does anybody have a solution to this problem???