- From: Mark S. Miller <erights@google.com>
- Date: Thu, 8 Dec 2011 16:31:13 -0800
On Thursday, December 8, 2011, Yehuda Katz wrote:
>
> I'm probably still misunderstanding, but the current security
> infrastructure of the web supports cross-origin XHR only with a new kind of
> explicit server opt-in that most APIs do not support.
>
In that case you are understanding correctly. My point was that *except for
the lack of this header*, the rest of this JSONP API is just a one liner.
--
Cheers,
--MarkM
Received on Thursday, 8 December 2011 16:31:13 UTC