0

i have asmx web service running on my site and my application works fine. the application requests data from the web service using jQuery AJAX.

now i have another page on another site or domain and in that file i have added an absolute reference to the javascript file which has the jQuery AJAX calls. This does not work. I have been reading that client access policy file and cross domain files should be added. I have added those to the root of the first site as follows:

clientaccesspolicy.xml

<?xml version="1.0" encoding="utf-8"?>
<access-policy>
  <cross-domain-access>
    <policy>
      <allow-from http-request-headers="*">
        <domain uri="*"/>
      </allow-from>
      <grant-to>
        <resource path="/" include-subpaths="true"/>
      </grant-to>
    </policy>
  </cross-domain-a

ccess>

crossdomain.xml

<?xml version="1.0" encoding="utf-8" ?>
<cross-domain-policy>
  <allow-access-from domain="*" />
</cross-domain-policy>

But this does not work, can someone please help me understanding where i could be going wrong.

thanks in advance.

user1144596
  • 2,068
  • 8
  • 36
  • 56
  • This is a whole can of worms on its own, and there is no easy solution (unless you use HTML5-specific features). One option is to have your ASMX service return JSONP (maybe have a separate copy of the service that will do that), which will involve a fair bit of changes in your jQuery code but is most probably the easiest way. – Ruslan Oct 18 '14 at 06:31
  • I thought Access-Control-Allow-Origin was simple to apply globally to my service so any client could access it. – user1144596 Oct 20 '14 at 21:52
  • No, it works in some browsers but not others, etc... It is possible, but in my experience a major PIA. If you have an option to go with JSONP, just do that - you'll save yourself a lot of time and hair. – Ruslan Oct 21 '14 at 15:15
  • ok, so jsonp, any good samples on how to use it with good old asmx services – user1144596 Oct 21 '14 at 18:49
  • Yeah, it's just regular JSON but wrapped in a Javascript function call. Here might be a good start: http://stackoverflow.com/a/19491482/643951 . However, I should have mentioned that JSONP is pretty hacky; it is definitely much easier to accomplish than CORS (what you wanted to implement), but it is pretty clunky. It should work on all browsers, however. The CORS method is the "right way" of doing things, but won't work on older versions of IE and has buggy support on some browsers. Here is a complete matrix of browsers that support CORS: http://caniuse.com/#feat=cors – Ruslan Oct 21 '14 at 22:48

0 Answers0