php post cross-domain jsonp

Creating a php api / router, allow remote post-ajax or jsonp?


Hello, I'm developing a personal API / router and as far as I know cross-domain requests are not allowed, hence the usage of JSONP GET requests. However, I think it is possible to set the headers for a specific URL, ex: ('/remote/api/{value}'), on your PHP router to allow cross-domain origin to everyone (but only on that URL alone). And I'm wondering what I should do. I know that the standard (if I'm not mistaken) is to use JSONP when you do cross-domain requests.

So how should I approach this? And would it be bad if I allow remote POST submissions for a specific URL subset?


Solution

  • I think you're looking for the Access-Control-Allow-Origin header. This header can be set with php (the header function) for any page you like.

    You can set the value of the header to a specific URL - probably your own site, or to a * to mean everything. Unless you need this, don't use it. This is only OK for a stateless API with authentication for each request. If you rely on cookies or other built-in security, you're at risk for a cross-domain attack.

    There are plenty of other resources about this:

    Make sure you know what you're doing before using this.
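
An added example (not part of the original answer) of the setup discussed above: the `Access-Control-Allow-Origin` header is sent only for the `/remote/api/{value}` route and only to origins on an allow-list, and every request must carry its own token instead of relying on cookies. The origin list, the route pattern and the `API_TOKEN` environment variable are assumptions made for illustration.

```php
<?php
// Added example: route pattern, origin list and API_TOKEN are assumptions.
declare(strict_types=1);

const ALLOWED_ORIGINS = ['https://app.example.com']; // constructed allow-list
const CORS_ROUTE = '#^/remote/api/([A-Za-z0-9_-]+)$#';

// CORS headers for one request; empty when the route or origin does not qualify.
function corsHeaders(string $path, ?string $origin): array
{
    if ($origin === null || preg_match(CORS_ROUTE, $path) !== 1) {
        return [];
    }
    if (!in_array($origin, ALLOWED_ORIGINS, true)) {
        return ['Vary' => 'Origin']; // unknown origin: browser blocks the read
    }
    return [
        'Access-Control-Allow-Origin'  => $origin,
        'Access-Control-Allow-Methods' => 'POST, OPTIONS',
        'Access-Control-Allow-Headers' => 'Authorization, Content-Type',
        'Vary'                         => 'Origin',
        // No Access-Control-Allow-Credentials: cookies stay out of it.
    ];
}

// Stateless per-request authentication with a bearer token, not a cookie.
function isAuthorized(?string $authHeader, string $expectedToken): bool
{
    return $expectedToken !== '' && $authHeader !== null
        && hash_equals('Bearer ' . $expectedToken, $authHeader);
}

if (PHP_SAPI !== 'cli') {
    $path = parse_url($_SERVER['REQUEST_URI'] ?? '/', PHP_URL_PATH) ?: '/';
    foreach (corsHeaders($path, $_SERVER['HTTP_ORIGIN'] ?? null) as $name => $value) {
        header("$name: $value");
    }
    $auth = $_SERVER['HTTP_AUTHORIZATION'] ?? null;
    if (preg_match(CORS_ROUTE, $path) !== 1) {
        http_response_code(404);
    } elseif ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
        http_response_code(204); // preflight carries no credentials
    } elseif (!isAuthorized($auth, getenv('API_TOKEN') ?: '')) {
        http_response_code(401);
    } else {
        header('Content-Type: application/json');
        echo json_encode(['ok' => true]);
    }
}
```

Because the token travels in the `Authorization` header, browsers send a preflight `OPTIONS` request first, so a page on an origin outside the allow-list never gets to issue the POST.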