This is extracted from an
article by Brett McLaughlin about AJAX
------------------------------------------------
Welcome to the sandbox
Ajax
has a sandbox security model. As a result, your Ajax code (and specifically, the XMLHttpRequest
object) can only make requests to the same domain on which it's running. You'll
learn lots more about security and Ajax
in an upcoming article, but for now realize that code running on your local
machine can only make requests to server-side scripts on your local machine. If
you have Ajax
code running on www.breakneckpizza.com, it
must make requests to scripts that run on www.breakneckpizza.com.
-----------------------------------------------
I don’t agree with his point:
I can make an ajax
request to Google for example from my own domain and get the search result response
back without any error. So does that article make any sense to you when it says
“…can only make requests to
the same domain on which it's running.”?
Thank you experts.
--Doug
|
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Rails-spinoffs mailing list
Rails-spinoffs@lists.rubyonrails.org
http://lists.rubyonrails.org/mailman/listinfo/rails-spinoffs
