1

Since Ajax requests are limited for security reasons, there's not much to it, just follow the rules eh .. but I've crossed with this :

https://developer.mozilla.org/en/Same_origin_policy_for_JavaScript

It's written that you can "bypass" those rules, in case you're working with subdomains of the same domain, with the following javascript line :

document.domain = "company.com";

I haven't tried it yet, since I don't know if this only works (perfectly works) with any other browser, or at least the major ones. Is it possible?

Thanks.

yoda
  • 10,834
  • 19
  • 64
  • 92
  • I would, but client's aren't the most comprehensive beings on earth and love timelines for some reason .. – yoda Jan 04 '11 at 23:38
  • read the second reply of this SO post: http://stackoverflow.com/questions/231478/ajax-subdomains-and-ssl – Zachary Jan 04 '11 at 23:41
  • @Pekka, I want to know if it works on the major browsers. – yoda Jan 04 '11 at 23:42

3 Answers3

1

I would recommend JSONP for cross-domain requests. It is relatively easy to use and allows you to request anything (as long as it is in JSON format) from any server/script that supports the callback. The good thing about JSONP is, that it works in older browsers, unlike many of the other solutions.

The only serious limitation seems to be that it always uses the HTTP GET method, as Matthew Abbott pointed out in the comments.

Ahmad Y. Saleh
  • 3,309
  • 7
  • 32
  • 43
jwueller
  • 30,582
  • 4
  • 66
  • 70
  • I must add JSONP can only be used with GET – Matthew Abbott Jan 04 '11 at 23:42
  • @yoda: Did you add the callback on the server side? It works perfectly fine for me using jQuery. – jwueller Jan 04 '11 at 23:43
  • @Matthew Abbott hmm, that's something new, not mentioned on jQuery documentation at all .. anyway, I need to use POST for what I want. – yoda Jan 04 '11 at 23:43
  • @elusive: callback on the server side? care to explain? – yoda Jan 04 '11 at 23:44
  • 1
    @yoda: JSONP works like this: A function with a unique name is introduced (say `jsonpCallback`). A script-tag gets inserted into the DOM. It points to the URL that you're trying to request. The query string contains the name of that callback function. The server builds your response (`{"foo":"bar"}`) and wraps the result with the function: `jsonpCallback({"foo":"bar"});`. This gets executed on the client side and you recieve your data through that function. jQuery does most of this for you, but you need to wrap the JSON with the callback function on the server, since jQuery is client-side. – jwueller Jan 04 '11 at 23:50
  • 1
    @yoda as @elusive has stated, JSONP works by injecting a `` element into the page which causes the browser to request the script. Like all scripts and images, these are GET requests. You can't do a POST with JSONP because of this. – Matthew Abbott Jan 04 '11 at 23:56
  • Thank you both for the explanation :) – yoda Jan 05 '11 at 04:54
  • @MatthewAbbott: interesting, I was just getting ready to implement a cross-domain plugin to do just that (``), but wasn't sure if type was important- good to know I don't have to test or write it myself (2 years later). – vol7ron Mar 07 '13 at 02:07
1

If you have control of the other domain, you can use CORS. (Yes, I know this doesn't answer your actual question. Sorry, best I could do.)

Michael Lorton
  • 43,060
  • 26
  • 103
  • 144
0

For the record, document.domain works. However, it doesn't support subdomains for some reason.

yoda
  • 10,834
  • 19
  • 64
  • 92