I want to be able access an rss feed from js. I have the ability to configure both servers to use the same domain (but different subdomains - eg static.benanderson.us and tech.benanderson.us). I was hoping I could use the document.domain property to get around the xss issue. Here's a snippet http://static.benanderson.us/example.js (not actually live):
document.domain = 'benanderson.us';
new Ajax.Request('http://tech.benanderson.us/feeds/posts/default', { \\error
However, that doesn't work. I couldn't find out if document.domain works for xhr requests, so I bagged that and switched to an iframe solution because I've done something similar in the past.
$('my_iframe').src='http://tech.benanderson.us/feeds/posts/default';
Event.observe($('my_iframe'), 'load', function() {
try {
log(this.contentDocument); //this displays just fine
var entries = this.contentDocument.getElementsByTagName('entry'); //error
The weird thing is that I can view this.contentDocument in firebug, however it's the getElementsByTagName that errors with a "permission denied..." message.
Any thoughts on how to get either of these solutions to work would be awesome. I know I could do a proxy - that's not what I'm interested in.
