[Catalyst] Re: Converting a GET request to a POST request
Ronald J Kimball
rkimball at pangeamedia.com
Mon Nov 29 17:20:34 GMT 2010
On Fri, Nov 26, 2010 at 3:02 PM, Aristotle Pagaltzis <pagaltzis at gmx.de> wrote:
> * Ronald J Kimball <rkimball at pangeamedia.com> [2010-11-23 18:00]:
>> REST principles dictate that I use POST, not GET, for these
>> requests. The same-origin policy forces me to use JSONP, which
>> can only make GET requests, not POST. What's the solution?
> unsafe requests outside the origin.
> <mst>Step back.</mst> What are you actually trying to do?
> I could imagine that eg. an OAuth-based solution could work
> (wherein the user hands other sites an auth token from you, and
> the sites use that token to make requests to your site on their
> users’ behalf). Or maybe it’s too complicated or overkill for
> you – that depends on your aim and constraints.
> So tell us about them.
This is for a widget that will be hosted on third party websites. The
widget will allow users of those sites to interact with our content.
retrieve content and submit user interactions using Ajax and JSONP
(supposedly via a REST API :). Users will not be required to log in
to interact with the content in the widget.
Thank you for your feedback. Some of this is new territory for me, so
being steered away from doing things the wrong way is very helpful.
More information about the Catalyst