YQL is more-or-less a poor-man's simple php proxy. it's nice because it converts things to JSON, but the impossible part that is does is move bits from a restrictred domains into a JSONp url that can be added to any page using <script src=xxx /> tags.
@rnd me: Do you think I could use POST similarly this way, instead of GET?
yes, even delete and put could work, but it's customizable in the Access-Control-Request-Method header. if you POST anything other than urlformdata, you need that extra header in addition to your allow-origin one...
also make sure OPTIONS requests work on your server to enable pre-flights.
There is an Iframe (mypage1) within an Iframe (mypage2) of the origin site. I have access to the two pages with the i-frames only. I don't believe the origin site is jsonp compatible and cookies must be passed. Can headers be used on my 2 iframe pages to fill in form data with in the i-frame? What type of files need the headers in case I can get the origin site to help?
Thanks for your kind replies,