Cross-site XMLHttpRequest <ul><li>The Future of Mashups? </li></ul><ul><li>Urban Skudnik </li></ul><ul><li>[email_address]...
Implementation <ul><li>We have all seen it </li></ul><ul><li>We all love (or hate) it </li></ul>
Old way - client-side <ul><li>xhr.open(&quot;GET&quot;, &quot;/x/y/z&quot;); </li></ul><ul><li>xhr.onreadystatechange = fu...
New way <ul><li>xhr.open(&quot;GET&quot;, &quot; http://example.com /x/y/z &quot;); </li></ul><ul><li>xhr.onreadystatechan...
One more thing <ul><li>Server-side - a new header </li></ul><ul><li>Access-Control &quot;allow <domain.data.com>&quot; </l...
More options <ul><li>allow </li></ul><ul><li>deny </li></ul><ul><li>allow <example.com> exclude <subd.example.com> </li></...
Support <ul><li>Firefox 3 only :( </li></ul><ul><li>Even FF3 support is buggy </li></ul>
Bottom line <ul><li>Services distributed between domains - no need for ugly hacks </li></ul><ul><li>No need for proxys </l...
Upcoming SlideShare
Loading in …5
×

Cross-Site XMLHttpRequests

689 views

Published on

A lightning talk about Cross-site XMLHttpRequests

Published in: Technology, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
689
On SlideShare
0
From Embeds
0
Number of Embeds
19
Actions
Shares
0
Downloads
10
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Cross-Site XMLHttpRequests

  1. 1. Cross-site XMLHttpRequest <ul><li>The Future of Mashups? </li></ul><ul><li>Urban Skudnik </li></ul><ul><li>[email_address] </li></ul>
  2. 2. Implementation <ul><li>We have all seen it </li></ul><ul><li>We all love (or hate) it </li></ul>
  3. 3. Old way - client-side <ul><li>xhr.open(&quot;GET&quot;, &quot;/x/y/z&quot;); </li></ul><ul><li>xhr.onreadystatechange = function(){ // black magic} </li></ul><ul><li>xhr.send() </li></ul>
  4. 4. New way <ul><li>xhr.open(&quot;GET&quot;, &quot; http://example.com /x/y/z &quot;); </li></ul><ul><li>xhr.onreadystatechange = function(){ // black magic} </li></ul><ul><li>xhr.send() </li></ul>
  5. 5. One more thing <ul><li>Server-side - a new header </li></ul><ul><li>Access-Control &quot;allow <domain.data.com>&quot; </li></ul>
  6. 6. More options <ul><li>allow </li></ul><ul><li>deny </li></ul><ul><li>allow <example.com> exclude <subd.example.com> </li></ul><ul><li>allow <example.com> method GET, POST </li></ul><ul><li>XML: <?access-control allow=&quot;example.org&quot;?> </li></ul>
  7. 7. Support <ul><li>Firefox 3 only :( </li></ul><ul><li>Even FF3 support is buggy </li></ul>
  8. 8. Bottom line <ul><li>Services distributed between domains - no need for ugly hacks </li></ul><ul><li>No need for proxys </li></ul><ul><li>allow <*> </li></ul><ul><li>Not supported by IE, making it useless for the foreseeable future </li></ul>

×