On Fri, Mar 20, 2015 at 4:47 AM, Tomasz Wysocki <[email protected]> wrote:
> I have created simple jsfiddle based on example in documentation: > > https://jsfiddle.net/xz2p5c3j/ > > The problem is that Caja JavaScript tries to fetch html directly, and that > ends as "Cross-Origin Request Blocked". > > How to force it to use proxy/cajoling service, rather than fetching > directly? > I just took a look and it seems this is a missing feature. When you use .code() to fetch the URL it's in the end hardcoded to use XHR. (This is unfortunately completely different from the logic for resources fetched by the page itself, which _does_ allow using a proxy.) You'll have to proxy-fetch the content yourself. Then, pass it as a string as the third (optional) argument to .code(). If you're using Caja's own proxy you can invoke it using caja.policy.net.ALL.fetch(url, expectedMimeType, callback). -- --- You received this message because you are subscribed to the Google Groups "Google Caja Discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
