Using the Mozilla SOAP API
Saturday August 31st, 2002
#11 SOAP API is not limited to chrome...
by rayw <email@example.com>
Friday September 6th, 2002 9:05 AM
You are replying to this message
This functionality can easily be used outside of chrome, and does not need to be in a signed or locally-saved script.
The article was wrong on that count.
1. It should work to services in the same domain as the caller. If anyone can document that this does not work, it should be logged as a bug and fixed. 2. You can arrange with the server to ignore a source verification header and then it requires no special privs to call the service -- the verification is to prevent calls to behind-the-firewall SOAP services by untrusted applets, which is why restrictions exist in the first place. 3. You can adjust your security prefs fo permit the calls to occur (I don't recommend this generally, but for specific cases, it may be appropriate).
I have done a number of demos of this functionality, and none were in chrome.