362
seCure develoPment For mobIle APPs
$(dynamicData).find('#videoObject').attr('data', newURL);
$(dynamicData).find('#youTubeMsg').html(newURLmsg);
// videoHTML is trusted in this case only in that it was
hardcoded above
createVideoMarker(vidLocation, dynamicData, vidDesc);
},
error:function (xhr, ajaxOptions, error){
alert(error);
}
});
}
function loadSafeDynamicVideoPins()
{
//set by direct client side input, set by user input via database
//either way, data is untrusted
var vidLocation = "Belle Isle, MI";
var vidDesc = "Safe";
var vidRequest = { video : 'true'};
$.ajax({
type: "POST",
url: "loadSafeVideoURL.php",
data: vidRequest,
dataType: "text",
success: function(data){
try{
//json is in string form as per 'text' dataType ...