W3C home > Mailing lists > Public > public-rdfa-wg@w3.org > March 2010

Re: Javascript Security for Dummies

From: Toby Inkster <tai@g5n.co.uk>
Date: Fri, 05 Mar 2010 09:12:37 +0000
To: Ivan Herman <ivan@w3.org>
Cc: RDFa WG <public-rdfa-wg@w3.org>
Message-ID: <1267780357.30377.45.camel@ophelia2.g5n.co.uk>
On Fri, 2010-03-05 at 09:20 +0100, Ivan Herman wrote:
> I do have a technical question, though, for further clarification. You
> say that, if a data is defined through JSONP, what this means is that
> the HTML file that starts up the whole process should have an
> additional <script...> element to get that. 

Typically when loading JSONP, the document would not include an actual
<script> element that loads it. Rather the JSONP would be loaded by
another script. e.g.:

<script type="text/javascript">
  function load_data (u, cb)
  {
    document.write("<script src=\""+u+"?callback="+cb+"\"></script>");
  }
  function handle_data (d)
  {
    blah blah;
  }
  blah blah blah;
  blah blah;
  {
    load_data(foo, handle_data);
    load_data(bar, handle_data);
  }
</script>

So the RDFa author would not add JSONP script tags to their document.
They'd add an RDFa API script to their document, which would in turn
load JSONP files using document.write() or similar.

-- 
Toby A Inkster
<mailto:mail@tobyinkster.co.uk>
<http://tobyinkster.co.uk>
Received on Friday, 5 March 2010 09:13:25 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 04:55:06 GMT