How can I validate/secure/authenticate a JavaScript-based POST request?

Question

A product I\'m helping to develop will basically work like this:

• A Web publisher creates a new page on their site that includes a

Answer 1

How about:

Site A creates a nonce (basically a random string), sends it to your site B that puts it into the session. Then when the site A makes the POST request from the site it sends the nonce along with the request and the request is only accepted if the nonce matches the one in the site B's session.