0

I am trying to get a user token by posting the username and password to an api.

To my understanding there are several ways to post an ajax call to an API (so you don't have to refresh the page):

  1. call api.site.com/token from site.com. But according to: another question you have to implement CORS on the server side to avoid the cross domain problem. But this isn't supported by most mobile browsers.

  2. call site.com/api/token which is a php script that curls posts the api (api.site.com) with the post data. Or calls a bash script that curls the post data.

  3. host api.site.com on the same server with site.com so you can access it i.e. site.com would call site.com/api/

Which method is the most efficient and used by facebook, Instagram ... the big guys?

isethi
  • 557
  • 1
  • 6
  • 16
  • CORS is supported by all major mobile browsers. What are you talking about? – ceejayoz Jul 14 '17 at 18:10
  • 2
    As for how Facebook/Instagram do it... right-click, "inspect element", and take a look at the network tab. – ceejayoz Jul 14 '17 at 18:11
  • @ceejayoz This wont work on mobile browsers. In my experience they do not allow cross domain POST at all. I've tested android, iPad, iPhone https://stackoverflow.com/questions/298745/how-do-i-send-a-cross-domain-post-request-via-javascript%22another%20question%22 – isethi Jul 14 '17 at 18:11
  • 1
    CORS POSTs work just fine on mobile if properly set up. http://caniuse.com/#feat=cors – ceejayoz Jul 14 '17 at 18:12

0 Answers0