Bringing the Same-Origin policy to its knees
Audio
DownloadTalk description
More and more web applications are seeing the opportunities that can arise from exposing their features on third party websites. We've already seen a lot of read-only 'badges' that allow third parties sites to display information from your application but now companies like Facebook, Twitter and Linkedin are allowing users of 3rd party sites to actually use their applications without leaving the site. We'll dig in to what it takes to responsibly and effectively embed your application's functionality in other sites, looking at the arcane technology that powers the Like, Share and Tweet buttons going all the way through to implementing full JavaScript APIs to your application in the style of @anywhere, Facebook Connect and Linkedin's JSAPI.
About Dan Webb
Dan Webb is a british JavaScript bloke working on the platform team at Twitter. Recently he's spent a lot of time delving into the dark recesses of cross domain communication and security while working on @anywhere. In the past, as director of Massive Robot, he's been involved in a wide range of projects including work for Channel 4, A Bathing Ape and People's Music Store as well as popular Twitter app, twaud.io. When he's not doing that he's DJing, hording trainers and drinking fine beers.