|
|
|
|
|
|
by enoughalready
5192 days ago
|
|
|
JSONP is considered by most to be a hack and a security risk. CORS is extremely easy to implement, as it only requires you to send some headers to the browser.
For example, in a node app I recently wrote, adding CORS was just a matter of adding these lines: var allowCrossDomain = function(req, res, next) {
aptUtil.log('using cors to allow for cross domain xhr');
res.header('Access-Control-Allow-Origin', '*'); //any domain can submit requests to us.
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
res.header('Access-Control-Allow-Headers', 'Content-Type');
next();
}; app.use(allowCrossDomain);
|
|
|