Cross domain request using Ajax

Due to security issue browser will not allow cross site request using ajax. Cross domain request will allow only server specify same origin server policies.

Read about CORS in wiki.

To enable CORS need to specify header in server.

1. Access-Control-Allow-Origin -> Domain name. (* for all domain).

2. Access-Control-Allow-Methods -> Http methods like GET,POST, DELETE…

3. Access-Control-Allow-Headers -> Http headers like content-type, content-range.

See blow example code for php

Below code shows how destination domain handles the Cross domain request.

note * : Cross site request working in all latest browsers including ie9.

If you are using IE8 means need to use content type as window.XDomainRequest.

Use the cross site request site plugin https://github.com/MoonScript/jQuery-ajaxTransport-XDomainRequest.

When using XDomainRequest we need to follow 3 rules.

1. Use only neither GET or POST.

2. Use only neither HTTP or HTTPS.

3. Always asynchronous.

Sample Code