[tor-talk] Implement JSONP interface for check.torproject.org
tor at lists.grepular.com
tor at lists.grepular.com
Sun Nov 6 14:01:50 UTC 2011
On 06/11/11 01:26, Arturo Filastò wrote:
> I have made a patch to check.torproject.org to expose a JSONP interface
> that would allow people to have the user check client side if (s)he is
> using Tor.
It would be safer to expose a JSON web service than a JSONP web service,
and use a wild "Access-Control-Allow-Origin" HTTP response header to
allow cross-site XMLHttpRequest. That way, people could pull the data
without suffering the risks of embeddeding third party JavaScript.
There's nothing stopping it from being provided as a secondary option.
--
Mike Cardwell https://grepular.com/ https://twitter.com/mickeyc
Professional http://cardwellit.com/ http://linkedin.com/in/mikecardwell
PGP.mit.edu 0018461F/35BC AF1D 3AA2 1F84 3DC3 B0CF 70A5 F512 0018 461F
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20111106/5be83569/attachment.pgp>
More information about the tor-talk
mailing list