JSON: How do I make cross-domain JSON call

Question

I try to run the following jquery code in local Network.

 $.ajax({
     type: \"GET\",
     url: \"http://SomeSite/MyUrl/\",
     cache: false,
     data: {         


        

Answer 1

Actually you can only call GET.
There is no failproof way to call POST,PUT,DELETE or PATCH, via cross site scripting.
Only viable way is a hand written proxy.

Answer 2

Due to the same origin policy you can't do this. One workaround is to use the Flash AJAX jQuery plugin http://flxhr.flensed.com/ that uses a Flash movie to bypass the same-origin policy.

The other options are to proxy the requests through your own domain or use JSONP.

Answer 3

I had the same issue. Trying to get json from a server to wich I dind't had access (=> no JSONP).

I found http://benalman.com/projects/php-simple-proxy/ Add the php proxy to your server and do the ajax call to this file.
"Any GET parameters to be passed through to the remote URL resource must be urlencoded in this parameter."

$.ajax({
   type: 'GET',
   url:'proxy.php?url=http://anyDomain.com?someid=thispage',
   dataType: "json",
   success: function(data){
      // success_fn(data);
   },
   error: function(jqXHR, textStatus, errorThrown) {
      // error_fn(jqXHR, textStatus, errorThrown);
   }
});

where proxy.php (the file from Ben Alman) is hosted in your domain

---

Alternative (which I found to be second best to this):
http://james.padolsey.com/javascript/cross-domain-requests-with-jquery/

Answer 4

I had a similar issue. I tried the proxy script quoted by Symba but for some reason it could not work on my machine. In my case I was trying to send request to an app hosted on a JBoss AS on the same host. Somehow the version of JBoss I had did not have a way to modify response headers so that I could include "Access-Control-Allow-Origin", "*".

I solved it by using Symba's approach above but instead of Ben Alman's script I just set up a reverse proxy on my Apache Server, see https://www.simplified.guide/apache/configure-reverse-proxy . By defaults Apache would still have cross domain issues. By setting the response header "Access-Control-Allow-Origin", "*", see http://enable-cors.org/server_apache.html, the problem goes away.

Answer 5

Please have a look at cross domain jquery ajax request. If the remote server supports JSONP then I guess you can using callback.

Answer 6

If you have access to the server that you want to load resources/data from you might modify the request headers of the servers response to include

"Access-Control-Allow-Origin", "*"

The Same Origin Policy enforced by the browsers - as far as I know in varying degrees of strictness depending on the browser - is (partially?) based on the values of the response headers.

I had the same issue when trying to load json from a webservice. All the JS hacks I found to get around that didn't really work and I was wondering why I even have to do this, if I want to load data from a server that I myself control (and trust). Then I learned that the response headers of the server play a vital role in this whole issue. When I added the above mentioned header to the http response of my webservice, the problem was solved.