Unfortunately you can't "POST" a cross-domain JSONP request. Ajax
requests can't be cross-domains so internally an "add script tag" type
of approach is used. This means that only "GET" type parameters (those
in the actual URL) can be used.

So you either have to go for a "local proxy" approach (if you really
need the POST) or use the GET style of parameters.

For an example see:

    http://docs.jquery.com/Ajax/jQuery.getJSON

Karl Rudd

On Tue, Oct 14, 2008 at 7:15 PM, .M. <[EMAIL PROTECTED]> wrote:
>
> Hi
>
> Is there any additional security restriction on code that is
> dynamically loaded into a page. Or on .post requests of type json?
>
> As per the code below I am trying to create a bookmarklet which
> references a web service but I'm getting the following error when
> accessing from a different domain.:
>
> uncaught exception: Access to restricted URI denied
> (NS_ERROR_DOM_BAD_URI)
> [Break on this error] xhr.open(type, s.url, s.async);
>
> The code is
>
> var s=document.createElement('script');
> s.setAttribute('src', 'http://code.jquery.com/jquery-nightly.js');
> document.getElementsByTagName('body')[0].appendChild(s);
> s.onload=function(){
>        url = window.location.href;
>        var name='Someone';
>        var question = 'something';
>        var details='';
>        $.post("http://chief:8080/parse_place";, { url: url },
>          function(data){
>                if (data.request_dom != '') {
>                        console.log('got request');
>                        question = eval(data.request_dom);
>                }
>                if (data.details_dom != '') {
>                        console.log('got details');
>                        details = eval(data.details_dom);
>                }
>                if (data.requester_dom != '') {
>                        console.log('got requester');
>                        name = eval(data.requester_dom);
>                }
>          }, "jsonp");
>        alert(name+" asked '" + question + "''\n\n" + details + "\n\nURL: " +
> url);
> };
> void(s);
>
> Any advice on working around the security issue if possible
> appreciated.
>
> Many thanks
>  .M.
>

Reply via email to