2011/1/10 Platonides <Platonides(a)gmail.com>om>:
Jérémie Roquet wrote:
It's not as powerful as the iframe hack was
(since it's limited to
the api), but I think it's enough for me to release a quick fix for
iKiwi (not for xmsg, unfortunately, because userinfo is not accessible
Why do you consider the api less powerful than "dom scraping"
What can't you do with it?
Well, it's not an issue about the api per se, but rather a weakness of
the jsonp approach:
- You can't fetch user-specific data 
- You can't send POST requests, meaning you can't edit or create pages 
Both limitations are of course fortunate because it would allow
malicious sites to know about their visitors or to edit Wikipedia on
Yes, that's the good point. I'm very happy Ilmari came with the jsonp
idea as it's exactly what I need for iKiwi to work again.
And thanks for the langlinks idea!
And there's a handy property to determine if you
have new messages:
Unfortunately (or fortunately), userinfo cannot be retrived using jsonp .
Hopefully, with CORS we'll have access to the whole api (including
userinfo and writeapi) (and to scrapping, if needed for any reason).
Thanks for your ideas! Best regards,
 « callback - If specified, wraps the output into a given function
call. For safety, all user-specific data will be restricted. » —
 « action=edit * Create and edit pages. [...] This module only
accepts POST requests. »