diff --git a/docs/01_cross_origin.md b/docs/01_cross_origin.md index 2119d004..d6408bef 100644 --- a/docs/01_cross_origin.md +++ b/docs/01_cross_origin.md @@ -9,7 +9,18 @@ reason for using JSONP, we recommend you use CORS. ## Cross-Origin Resource Sharing -... some general docs here ... +All API resources set appropriate headers to allow Cross-Origin requests. Be +aware that on Internet Explorer you might have to use a different interface to +send these requests. + + // using XMLHttpRequest or XDomainRequest to send an API request + var invocation = window.XDomainRequest ? new XDomainRequest() : new XMLHttpRequest(); + + if(invocation) { + invocation.open("GET", "https://api.travis-ci.org/", true); + invocation.onreadystatechange = function() { alert("it worked!") }; + invocation.send(); + } In contrast to JSONP, CORS does not lead to any execution of untrusted code. diff --git a/lib/travis/api/app/endpoint/documentation.rb b/lib/travis/api/app/endpoint/documentation.rb index 5f56edac..907f9c7b 100644 --- a/lib/travis/api/app/endpoint/documentation.rb +++ b/lib/travis/api/app/endpoint/documentation.rb @@ -38,14 +38,18 @@ class Travis::Api::App end def docs_for(entry) - markdown(entry['doc']). - gsub('/, ''). - gsub(/TODO:?/, 'TODO') + with_code_highlighting markdown(entry['doc']) end private + def with_code_highlighting(str) + str. + gsub('/, ''). + gsub(/TODO:?/, 'TODO') + end + def general_docs @@general_docs ||= doc_files.map do |file| header, content = File.read(file).split("\n", 2) @@ -58,7 +62,7 @@ class Travis::Api::App end header.gsub! /^#* */, '' - { id: header, title: header, content: content, subheaders: subheaders } + { id: header, title: header, content: with_code_highlighting(content), subheaders: subheaders } end end