same-origin-policy

Does anyone know a way to get list of jQuery themes from http://jquery-ui.googlecode.com/svn/tags/1.8.23/themes/ ? I am creating simple webpage with themes roller where the user can switch themes dynamically. Working fiddle - Click on Themes on Right top corner and select a new theme. Right now the list is hard coded as below, <div id="theme-list"> <ul> <li class="themes-el ui-state-highlight" data-theme="cupertino">cupertino</li> <li class="themes-el" data-theme="hot-sneaks">hot-sneaks</li> <li class="themes-el" data-theme="smoothness">smoothness</li> <li class="themes-el" data-theme="pepper

Given a browser extension that sends information from one webpage to an entirely different server, is this violating the same origin policy? The same-origin policy (SOP) appplies to ordinary web pages, not browser extensions, even if they are written in JavaScript. What does "different server" mean when the extension code does not origingate from a server? (The extension script might have some kind of orgin, like chrome-extension://longhashidentificationstr , but not an traditional domain/origin.) To communicate with any Web page (except those that have CORS headers ), the extension cannot be

Adjusting the height of an IFRAME to match its content page's height can be a real drag when the containing and content pages are not from the same domain. Do the Cross-Origin Resource Sharing (CORS) headers make it possible for the content page to authorize cross-domain access to its resources and thus allow its containing page to read its height? (or, alternatively, the containing page authorize the content page to announce its height?) Or is CORS strictly an AJAX thing? CORS doesn't let you do that, but you can use cross-document messaging to send strings between iframes and their parent

I'm trying to follow a melonJS tutorial. It says I should disable cross-origin request using one of two methods: --disable-web-security --allow-file-access-from-files** I've tried both of these in my command prompt as such: C:\Users\danniu>C:\Users\danniu\AppData\Local\Google\Chrome\Application\Chrome.e xe --allow-file-access-from-files C:\Users\danniu>C:\Users\danniu\AppData\Local\Google\Chrome\Application\Chrome.e xe --disable-web-security When I try to run the game in Chrome I'm still getting this error: XMLHttpRequest cannot load file:///C:/Users/danniu/Desktop/JavaScript/melonJS/data/map

For development purposes, I need to disable the same-origin policy in Safari (on Windows) on my machine. In Chrome, this can be done by launching with the flag --disable-web-security . Is there an equivalent flag or hidden setting in Safari? If you want to disable the same-origin policy on Safari (I have 9.1.1), then you only need to enable the developer menu, and select "Disable Cross-Origin Restrictions" from the develop menu. Later versions of Safari allow you to Disable Cross-Origin Restrictions. Just enable the developer menu from Preferences >> Advanced, and select " Disable Cross-Origin