Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

A JSON framework

branch: master

Fetching latest commit…

Octocat-spinner-32-eaf2f5

Cannot retrieve the latest commit at this time

Octocat-spinner-32 connect-cookieless-session
Octocat-spinner-32 connect-nowww
Octocat-spinner-32 connect-pathname
Octocat-spinner-32 connect-subdomains
Octocat-spinner-32 http-json
Octocat-spinner-32 steve-tpl
Octocat-spinner-32 test
Octocat-spinner-32 .gitignore
Octocat-spinner-32 README.md
Octocat-spinner-32 test.js
README.md

Steve - JSON's best friend

steve.js is a JSON CORS/XHR2 application platform.

Application platform means a web service that can be used to build integral applications. For example, Facebook offers an application platform.

The goal being that Applications could register an API key which would grant them access to their users' data as well as services such as sending emails and content hosting.

The platform aggregates the data and makes it useful, but the client-side implementation is left to a third-party to implement.

Progress

  • CORS/XHR2 session module - working
    • Uses headers or route (or cookies or json body) to maintain session
  • Sends JSON by default.
  • Uses Node.JS, Connect, and Express under the hood

CORS Sessions

Normally a session would be maintained by Cookies. If it is known that users will only be using web-browsers, that would be ideal. However, in the case of Internet Explorer, MSIE will probably never support CORS' withCredentials or Access-Control-Allow-Credentials.

In that case, it is simple enough to define a header (X-User-Session by default), that will store the user's session. For the few cases that this isn't practical, setting the session in the URL as a query parameter (userSession by default) will work.

For convenience, the end-developer may prefer to send the session in a JSON POST body (userSession by default).

Something went wrong with that request. Please try again.