2009/8/16 Michael Dale <mdale(a)wikimedia.org>rg>:
the scraping the jsonfm solution actually worked
pretty well (tested in
Firefox and IE6-8 )
var doc = iframe.contentDocument ? iframe.contentDocument :
frames[iframe.id].document;
json_str = $j(doc.body).find('pre').html();
return window["eval"]("(" +json_str + ")");
Yay!
The IEContentAnalyzer looks like an interesting
solution as well... but
this seems to work reasonably well for the time being.
If your backend wasn't already relying on JSON output, you could've
requested XML output instead and that would've worked just fine
without any security issues. Running stuff through IEContentAnalyzer
just so we can put a wrong MIME type on it (text/plain is not
appropriate for JSON, should be either application/json or
text/javascript) is a bad idea. I see you've already removed the
text/plain option, so it's now back to using text/javascript for
callbacks and application/json instead.
Roan Kattouw (Catrope)