Daily Log, 2010-11-02
Spent quite a bit of time with Keith getting a Cross Site JSON call to work in jQuery and Sinatra. The problem (or security feature) is that a browser will not make an XMLHttpRequest to another domain than the one it’s currently displaying data from. We are building a widget that is going to be embedded on other servers, and we wan’t to make such a call… Luckily, there’s JSONP which “pads” the response by the server in a JavaScript function call and thus bypasses the problem. jQuery supports JSONP natively in it’s $.ajax request and we tried hard to get it to work with a POST request (as the docs suggested would work). It doesn’t however, and we had to change to a GET request (using the handy $.getJSON method. So we sacrificed the purity of our REST API (we are really creating a ressource) by allowing that ressource to be created and retrieved by a GET request. Still that beats using iframes for our widget - at least in our book.
After we got the basic integration working, finishing of the Widget was easy and we managed to integrate it into an “external” website (i.e. one that has nothing to do with this project). We even got the complete process that the Widget is triggering to work - quite a success!