JSON-P and Cross Origin Requests

Tagged:

Currently contains 1 post

Avatar

June 27, 2014 15:31

scottw

We were recently asked about json-p support. Currently the API does not support json-p but it does allow for Cross Orign Requests.

Json-p is really a work around for the security built into browsers to stop you making ajax calls from one domain to another e.g. if I’m on cnn.com, javascript on cnn.com cannot make an ajax request to foxnews.com. Json-p gets around this.

However our servers are setup to allow for requests to come from any domain – so you can easily make requests from any site using Javascript – the ajax client in libraries like jQuery automatically support this. Keep in mind though this would mean exposing your app id and key unless you do something to hide them. All modern browsers support this but if you feel you still have a need for json-p then please let us know.

Here are a couple of wikipedia references and a site for testing your cors requests if you want to explore more:
http://en.wikipedia.org/wiki/Cross-origin_resource_sharing
http://en.wikipedia.org/wiki/JSONP
http://test-cors.org

Have a good weekend all,

Scott
Reply to thread
  1. If you're human, leave this field empty.