more cors and jsonp docs

docs/01_cross_origin.md

@@ -27,8 +27,19 @@ In contrast to JSONP, CORS does not lead to any execution of untrusted code.
 Most JavaScript frameworks, like [jQuery](http://jquery.com), take care of CORS
 requests for you under the hood, so you can just do a normal *ajax* request.
 
+    // using jQuery
+    $.get("https://api.travis-ci.org/", function() { alert("it worked!") });
+
 Our current setup allows the headers `Content-Type`, `Authorization`, `Accept` and the HTTP methods `HEAD`, `GET`, `POST`, `PATCH`, `PUT`, `DELETE`.
 
 ## JSONP
 
-... some docs here ...
+You can disable the same origin policy by treating the response as JavaScript.
+Supply a `callback` parameter to use this.
+
+    <script>
+      function jsonpCallback() { alert("it worked!") };
+    </script>
+    <script src="https://api.travis-ci.org/?callback=jsonpCallback"></script>
+
+This has the potential of code injection, use with caution.

lib/travis/api/app/endpoint/documentation.rb

@@ -7,6 +7,9 @@ class Travis::Api::App
       set prefix: '/docs', public_folder: File.expand_path('../documentation', __FILE__)
       enable :inline_templates, :static
 
+      # Don't cache general docs in development
+      configure(:development) { before { @@general_docs = nil } }
+
       # HTML view for [/endpoints](#/endpoints/).
       get '/' do
         content_type :html
@@ -45,7 +48,7 @@ class Travis::Api::App
 
           def with_code_highlighting(str)
             str.
-              gsub('<pre', '<pre class="prettyprint linenums lang-js pre-scrollable"').
+              gsub('<pre', '<pre class="prettyprint linenums pre-scrollable"').
               gsub(/<\/?code>/, '').
               gsub(/TODO:?/, '<span class="label label-warning">TODO</span>')
           end