On 4/25/2012 12:08 PM, Tyler Larson wrote:
I would think at minimum we need a way to do file based permissions. The format
of the document could be per file or per domain or uri but what might be even
better than coming up with a new standard might be to use the one that is
already in place. How about just using these crossdomain.xml files.
You can do cross-domain permission via IFRAME and postMessage.
Now that transfer semantics are widely accepted, you can efficiently
send an array buffer across frames.
So you setup something like trampoline.html, you connect to it via
iframe and send it a message, then trampoline.html does an XHR request
(in its own domain) and sends back the data.
It's better than a .xml file because it's scriptable.
-Charles
