There is problem with that ajax part - what you really want is cross-domain XHR, with no proxies (YQL). However github will not send the necessary header for that to work - github won't send access-control-allow-origin: *.
YQL handles cross domain see
http://ajaxian.com/archives/using-yql-as-a-proxy-for-cross-domain-ajaxI agree it would be better without the proxy. Perhaps when it is packaged as a chrome extension the proxy could be bypassed.
I assume you started carbonwallet because you dont want to repeat piuk's mistakes, or am I wrong?
Yeah proxies sucks because you can special-case the yahoo ip range. The checker must be indistiguishable from regular browser. Basically, you need to do this:
#!/bin/bash
curl -s https://raw.github.com/carbonwallet/carbonwallet.github.io/master/index.html | grep 'src=' | cut -d '"' -f 2 | while read n; do echo "Checking $n"; diff -B <( curl -s http://carbonwallet.com/$n ) <( curl -s https://raw.github.com/carbonwallet/carbonwallet.github.io/master/$n ); done
diff -B <( curl -s http://carbonwallet.com/ ) <( curl -s https://raw.github.com/carbonwallet/carbonwallet.github.io/master/index.html )
But from browser and without referrer (https vs http xhr).
Using chrome extension is silly, because then you can just have whole wallet in it and not bother with checking. The checker is valuable on mobile devices where extensions (and local static html files) dont work or poorly. Perhaps android app using webview?