2012/8/29 bawolff bawolff+wn@gmail.com
On Wed, Aug 29, 2012 at 2:24 PM, Alex Brollo alex.brollo@gmail.com wrote:
Thanks for comments.
[..]
Thanks for API suggestion, but the question is: does it violates "same origin" AJAX policy? I can read anything by a bot from any project, but AJAX is great to enhance interactivity and to help user just when user needs data, i.e. in edit mode.
No it doesn't violate the same origin policy. Same origin policy only prevents reading information from other websites, it does not stop you from executing content from other websites (Which always seemed an odd distinction to me...). Thus you can use the api with a callback parameter to get around the same origin policy.
Obviously CORS is a much nicer solution.
-bawolff
Wikitech-l mailing list Wikitech-l@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/wikitech-l