I am building an API(PHP) which allows access only by domain names, how should I check the JSONP request origin?
And are there any security layers I could Implement? (I am not using keys currently*)
* = I want the users only to add the script tag, I don't want them to have to insert keys and get messed up - if you have any idea to make that happen and secure it I would be delighted to hear it.