asked this on November 05, 2010 14:35
Or is that considered to much of a security risk?
I've found that, though it's not documented, the REST API supports JSONP.
Try it: subsitute .json for .xml and add "?callback=mycallback." Voila, there it is.
It would be nice to hear that it's officially supported before I start relying on it however...
Hi Tim, we do support JSONP in /api/v1, but have currently removed it in /api/v2 until we further investigate security. We'll let you know if we decide to officially support it.
Update: we will be supporting JSONP for public resources, e.g. retrieving public forums or public forum topics. Outside of that we do not feel it's secure and will add CORS support for other cross-domain requests.
What's the latest on the CORS implementation mentioned above?
Hi Lars, nothing yet on CORS.
Thanks for quick feedback.
Does that mean no support for cross-domain in API v2 in any shape or form at the moment?
Still plan to add CORS in the end?
Hi Lars, that's correct, currently there's no support for cross-domain requests in API v2 at the moment. We still do plan on adding CORS.
Hi Steven, any news on this?
Support Software by Zendesk