On Wed, Aug 29, 2012 at 2:24 PM, Alex Brollo <alex.brollo(a)gmail.com> wrote:
Thanks for comments.
[..]
Thanks for API suggestion, but the question is: does it violates "same
origin" AJAX policy? I can read anything by a bot from any project, but
AJAX is great to enhance interactivity and to help user just when user
needs data, i.e. in edit mode.
No it doesn't violate the same origin policy. Same origin policy only
prevents reading information from other websites, it does not stop you
from executing content from other websites (Which always seemed an odd
distinction to me...). Thus you can use the api with a callback
parameter to get around the same origin policy.
Obviously CORS is a much nicer solution.
-bawolff