how does scribefire or deepest sender circumvent same origin policy restriction?
This is in reference to the question asked at Create a Wordpress post with xmlrpc and jQuery . I'm trying to do something similar and I'm stuck with the SOP restriction.
If the same origin policy is implemented in firefox, how to extensions like scribefire or deepest sender manage to开发者_Go百科 communicate with blogs in other domains? Please clarify this for me as it would be most helpful for my project.
Firefox extensions run with "chrome" (process) privileges, and are not bound to the same origin policy at all. Only web content is.
If you want to perform cross domain access with only "content" privileges, i.e. from a regular website, not an extension, you need to implement special access controls. Or course, you can only implement the access controls for your own sites.
精彩评论