开发者

how does scribefire or deepest sender circumvent same origin policy restriction?

开发者 https://www.devze.com 2023-02-08 11:03 出处：网络

This is in reference to the question asked at Create a Wordpress post with xmlrpc and jQuery . I\'m trying to do something similar and I\'m stuck with the SOP restriction.

相关专题：cross-domain cross-site firefox firefox-addon same-origin-policy

This is in reference to the question asked at Create a Wordpress post with xmlrpc and jQuery . I'm trying to do something similar and I'm stuck with the SOP restriction.

If the same origin policy is implemented in firefox, how to extensions like scribefire or deepest sender manage to开发者_Go百科 communicate with blogs in other domains? Please clarify this for me as it would be most helpful for my project.

Firefox extensions run with "chrome" (process) privileges, and are not bound to the same origin policy at all. Only web content is.

If you want to perform cross domain access with only "content" privileges, i.e. from a regular website, not an extension, you need to implement special access controls. Or course, you can only implement the access controls for your own sites.