@ddo
All you have to do is to be honest with potential users of your code.
Edit your readme.md and add what you just said above.
But there are some cases that we can accept it and take the risk by your own if you understand how it works.
Again state this clearly in your readme.md. You can’t expect that users should first read your code to find out what it does. Your code is an abstraction, so they don’t need to know inner working of it to understand how it works. And your README doesnt say what your code realy does.
From your README:
Before you start hacking, make sure you understand the limitations posed by cross-domain XMLHttpRequest.
Again this doesn’t cover even closely, what are the dangers of using your code. All it says is that users should know that their apps/pages might not have access to pages from other domains, when using your library. When the real danger is completely compromised app and user security!
I’ve read your README and replied to you here. You did nothing.
