0

I'm trying to load a xml file located on wikipedia but I get this error in the browser console:

XMLHttpRequest cannot load (file url here) Origin http://localhost is not allowed by Access-Control-Allow-Origin.

The code:

jQuery(document).ready(function(){
  jQuery.ajax({
    type: 'GET',
    url: 'http://upload.wikimedia.org/some_file.svg',
    dataType: 'xml',
    success: function(xml) {

    }
  });
});

What's wrong?

Alex
  • 66,732
  • 177
  • 439
  • 641
  • http://stackoverflow.com/questions/9327218/access-control-allow-origin-not-allowed-by this might throw detailed light to the occurrence `:))` – Tats_innit Sep 02 '12 at 23:31
  • see [Same origin policy](http://en.wikipedia.org/wiki/Same_origin_policy) and [Cross-Origin Resource Sharing](http://en.wikipedia.org/wiki/Cross-Origin_Resource_Sharing) – Musa Sep 02 '12 at 23:33

2 Answers2

1

As the error unclearly says, you cannot use AJAX to read content from another domain.

SLaks
  • 868,454
  • 176
  • 1,908
  • 1,964
1

It's to reduce some security risks. Resources can only be used from XMLHttpRequest (which jquery's ajax uses the same as other ajax methods) from other domains if the server the resource is on says so (which frankly is a bit backwards as far as the security aspects go, but I didn't design the mechanism, so don't blame me).

The most flexible approach is get around this to use a pass-through on your own server, so you hit http://localhost/passThrough/?uri=http%3A%2F%2Fupload.wikimedia.org%2Fsome_file.svg and your handler for that (in ASP.NET, PHP, or whatever) then gets the uri from the query, accesses it, and passes the response straight back (ideally sending caching headers based on those it received so if the target says it's cacheable for a year, your server says that too, and if the target says it's cacheable for five minutes...)

This removes the technical issues, not the legal - e.g. if you don't keep by the relevant license on the resource, you're now pirating.

Jon Hanna
  • 110,372
  • 10
  • 146
  • 251