It is only considered to be the same if the protocol, host and port is the same: Same Origin Policy

If you want to enable it you must follow Cross-Origin Resource Sharing (cors) by adding headers. Mozilla has examples

You need to add Access-Control-Allow-Origin as a header in your response. To allow everyone (you should probably NOT do that):

Access-Control-Allow-Origin: *

If you need to support multiple origins (for example both example.com and www.example.com), set the Access-Control-Allow-Origin in your reply to the value of the Origin-header from the request (after you verified that the Origin is white-listed.)

Also note that some requests send a preflight-request, with an OPTION-method, so if you write your own code you must handle those requests too. See Mozilla for examples.


The port numbers are different.

A request is considered cross-domain if any of the scheme, hostname, or port do not match.