JSONP support for JSON output
samatjain opened this issue · 1 comments
JSONP is a "standard" to allow cross-origin domain requests for use from JavaScript. It's an alternative to CORS (issue #22) for JavaScript interpreters.
Implementation is fairly simple: support a callback URL parameter ("callback" is an ad-hoc standard, which jQuery supports) in the GET/POST request.
E.g.
http://example.com/xapi/api/0.6/node/1.json?callback=an_arbitrary_name
Should return the otherwise normal JSON output "wrapped" in a function call, to a function named in the callback parameter. E.g. for the above:
E.g.
an_arbitrary_name(<JSON output here>)
A negative about JSONP: it, by itself, has no access control mechanism, so it may be a good idea to let users turn JSONP support off so random Websites on the Internet don't use their XAPI instances.
See branch jsonp for a first attempt. There are some changes in my osmosis fork's json module that need to be brought in for it to compile.