On Dec 21, 2010, at 11:46 AM, Sandro Hawke wrote: > I'm not an expert in this, but as I understand it, JSONP will be > obsolete when CORS is adopted by enough browsers. I guess I lean toward > including it, but with some words about the security problems is raises > and its expected obsolescence. As I understand it, the big problem with > JSONP is that you go from merely trusting that the endpoint is giving > you the data you want, to trusting it completely (within the sandbox of > the app itself). Since there are lots of apps that don't really care > if they are subverted, and the alternatives are difficult or not yet > available, JSONP is quite useful. Sandro, Thanks for the response. The security stuff is interesting. I'm not all that familiar with CORS; is there an status overview somewhere of expected timelines and/or browser support? thanks, .gregReceived on Tuesday, 21 December 2010 19:57:18 GMT
This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 16:15:44 GMT