views:

1928

answers:

4

How does Google's API make cross-domain requests back to Google, when it's on your website?

+1  A: 

AFAIK they use IFRAMEs.

Ben Stiglitz
I Agree with you. Google should be using something similar to this, as they do a Post to their Calendar service using the Javascript library which is not possible in JSONp. +1
Ramesh
+7  A: 

<script> tags work cross-domain. See also: JSONP

Shog9
+5  A: 

They get around it by dynamically injecting script tags into the head of the document. The javascript that is sent down via this injection has a callback function in it that tells the script running in the page that it has loaded and the payload (data).

The script can then remove the dynamically injected script tag and continue.

Ryan Doherty
A: 

Another possibility is to use the window.name transport as described for the dojo framework here

Burke