iulianastase / jsonengine

Automatically exported from code.google.com/p/jsonengine
0 stars 0 forks source link

HTTP CORS Support #32

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
Can this be made to support HTTP CORS cross origin support? As it stands, if 
you use true AJAX on the REST, the FQD is going to be an issue... The browsers 
will block the AJAX.

On the other hand, from a cleaner design perspective, maybe we need a different 
CORS engine by itself and just configure jsonengine to CORS engine.

Original issue reported on code.google.com by hchang...@gmail.com on 10 Feb 2012 at 5:54

GoogleCodeExporter commented 8 years ago
I too have asked for this feature, going to implement it myself sometime this 
century

Original comment by yamac...@gmail.com on 20 Feb 2012 at 11:44

GoogleCodeExporter commented 8 years ago
Can we bump up the priority this? Our company's security policy forbids use of 
JSONP, as it introduces scripting attacks. Without CORS, this is not going to 
graduate to more  mature use cases.

I'm using ajax reverse proxy as a temporary workaround until this have CORS, 
but that forces extra roundtrips and hops to server side so this makes 
jsonengine seem slower than it is.

Original comment by hchang...@gmail.com on 23 Feb 2012 at 3:17