Cross domain Ajax request from within js file

javascript ajax html

Solution 1:

It is XSS and it is forbidden. You should really not do things that way.

If you really need to, make your AJAX code call the local code (PHP, ASP, whatever) on blah.com and make it behave like client and fetch whatever you need from foo.com and return that back to the client. If you use PHP, you can do this with fopen('www.foo.com/blah.html', 'r') and then reading the contents as if it was a regular file.

Of course, allow_remote_url_fopen (or whatever it is called exactly) needs to be enabled in your php.ini.

Solution 2:

There is a w3c proposal for allowing sites to specify other sites which are allowed to make cross site queries to them. (Wikipedia might want to allow all request for articles, say, but google mail wouldn't want to allow requests - since this might allow any website open when you are logged into google mail to read your mail).

This might be available at some point in the future.

Related

Why getch() returns before press any key?
How to limit page access only to localhost?
Component Creation - Joining Components Together?
Comparing Object properties using reflection
Decrypt from SHA256
How to join two tables with ssp.class.php
How to sort TreeView items using SortDescriptions in Xaml?
Convert to UCS2
ClassCastException because of classloaders?
How to prevent direct access to my JSON service?
How to install one jar variant of JSF 2.3 (javax.faces.jar) on WildFly
jQuery plugin DataTables: How to highlight the current search text?