Hi @tangiel (and you might care about this too, @bochunz )
I'm proposing updating this proxy iframe HTML as follows:
<!DOCTYPE ...> declaration must be upper-case for HTML 5/MSIE compatibility
add <meta http-equiv="X-UA-Compatible" ...> for MSIE compatibility to avoid rendering mode/feature skew (e.g. postMessage, CORS, etc.) vs. parent frames/pages
switch to googleapis.server.init as that knows how to enforce /_ah/api and other similar path restrictions provided there's a /static/proxy.html suffix, and fails safe otherwise
remove unused lcsclient
move HTML comment (copyright+license notice) after initial parts of document so that browsers only reading the first bytes for content-sniffing/mode-detection do the right thing
Hi @tangiel (and you might care about this too, @bochunz )
I'm proposing updating this proxy iframe HTML as follows: