Semi related question -- how is this implemented security wise? I took a look at... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		sherwin on March 19, 2013 \| parent \| context \| favorite \| on: Show HN: XKCD-inspired StackSort Semi related question -- how is this implemented security wise? I took a look at the github repo and it seems to be all clientside JS, and it's just making ajax GET search requests to StackOverflow, then parsing the results. Isn't this prevented by same origin policy?

youngian on March 19, 2013 [–]

Looks like they're using CORS. The Access-Control-* response headers control that.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact