Fixes new Domoticz behaviour preventing XSS.

[alex3305]

In the latest release a part of domoticz/domoticz#2105 was included. The inclusion only consisted of the XSS fixes that were proposed by @Jarthianur. While helpful, this broke Dashticz (beta) because of the JSONP request to Domoticz.

Since the internal Domoticz webserver provides CORS to all origins, it shouldn't be an issue to just use a regular JSON request instead of a JSONP one.

I've tested this locally to both HTTP and HTTPS origins and seems to be working. A second opinion on this should be great though. Also I've amneded the CSS with a bit higher Z-value to prevent showing thermostat buttons while the preload is displayed.

[robgeerts]

Well, tested it, and works with a local address but when connecting to a remote domoticz-server you will get an cors-error when not using JSONP... "No 'Access-Control-Allow-Origin' header is present" etc...

[alex3305]

@robgeerts Did you try with the latest beta? That is working for me though.