By Volodymyr Bakhmatiuk

2013-07-26 06:50:57 8 Comments

As you know, the security of the web browser disallows making of cross domain requests. I read a book which says that you should use XMLHTTPRequest only if you can put the files on the server (means put the page you will load to the same requested domain). If you can't - you should search for an alternative.

My questions are:

  1. What is the cross domain alternative to XMLHTTPRequest?
  2. What about WebSockets? Does this technology allow cross domain request?

EDIT: It still isn't clear to me...

For example, I pull my page from and I need to request javascript from So the pulled page should include something like:

<script src=""></script>

to avoid cross domain restrictions.

And I can use JSONP, and request will look like:

But: isn't it the same? I just pull js from another domain! Does it avoid cross domain restrictions?


@Tarek Jellali 2014-03-04 14:49:16

If you're willing to transmit some data and that you don't need to be secured (any public infos) you can use a CORS proxy, it's very easy, you'll not have to change anything in your code or in server side (especially of it's not your server like the Yahoo API or OpenWeather). I've used it to fetch JSON files with an XMLHttpRequest and it worked fine.

@leggetter 2013-07-26 18:43:01

You can make cross domain requests using the XMLHttpRequest object. This is done using something called "Cross Origin Resource Sharing". See:

Very simply put, when the request is made to the server the server can respond with a Access-Control-Allow-Origin header which will either allow or deny the request. The browser needs to check this header and if it is allowed then it will continue with the request process. If not the browser will cancel the request.

You can find some more information and a working example here:

JSONP is an alternative solution, but you could argue it's a bit of a hack.

@Charles Wood 2015-11-17 20:02:28

I would argue that this is also a bit of a hack. Not keeping me from using it, though! :D

@Arun Bertil 2013-07-26 07:05:18

Do a cross-domain AJAX call

Your web-service must support method injection in order to do JSONP.

Your code seems fine and it should work if your web services and your web application hosted in the same domain.

When you do a $.ajax with dataType: 'jsonp' meaning that jQuery is actually adding a new parameter to the query URL.

For instance, if your URL is then jQuery will add ?callback={some_random_dynamically_generated_method}.

This method is more kind of a proxy actually attached in window object. This is nothing specific but does look something like this:

window.some_random_dynamically_generated_method = function(actualJsonpData) {
    //here actually has reference to the success function mentioned with $.ajax
    //so it just calls the success method like this: 

Check the following for more information

Make cross-domain ajax JSONP request with jQuery

@Volodymyr Bakhmatiuk 2013-07-26 07:11:39

yeah, thanks. But can you provide answer to the question id EDIT area, please

Related Questions

Sponsored Content

51 Answered Questions

[SOLVED] How do I check if an element is hidden in jQuery?

75 Answered Questions

[SOLVED] How do I make the first letter of a string uppercase in JavaScript?

26 Answered Questions

[SOLVED] Access-Control-Allow-Origin Multiple Origin Domains?

68 Answered Questions

[SOLVED] How do I remove a particular element from an array in JavaScript?

  • 2011-04-23 22:17:18
  • Walker
  • 4908242 View
  • 6173 Score
  • 68 Answer
  • Tags:   javascript arrays

54 Answered Questions

[SOLVED] How do I include a JavaScript file in another JavaScript file?

32 Answered Questions

[SOLVED] How do I return the response from an asynchronous call?

35 Answered Questions

[SOLVED] How do I remove a property from a JavaScript object?

88 Answered Questions

[SOLVED] How do JavaScript closures work?

59 Answered Questions

[SOLVED] How do I redirect to another webpage?

48 Answered Questions

Sponsored Content