[whatwg] JSONRequest from Henri Sivonen on 2006-03-30 (public-whatwg-archive@w3.org from March 2006)

From: Henri Sivonen <hsivonen@iki.fi>
Date: Thu, 30 Mar 2006 18:19:19 +0300
Message-ID: <48D968E3-902C-4936-9DB5-D5332C08FE1E@iki.fi>

On Mar 30, 2006, at 17:21, Douglas Crockford wrote:

> The central idea with the JSONRequest is that it is exempted from  
> the Same Origin Policy. It allows for exchanging data with a server  
> in any domain that specifically accepts JSONRequests.

Why is it necessary to allow this in the browser? When would you be  
able actually use the feature even if Opera, Apple and Mozilla  
shipped support today?

What's wrong with having the browser talking to the origin server  
using XMLHttpRequest and the server talking to the third party  
(sanitizing data as necessary before passing it to the browser)?

-- 
Henri Sivonen
hsivonen at iki.fi
http://hsivonen.iki.fi/

Received on Thursday, 30 March 2006 07:19:19 UTC