Home :: Blogs :: David Hurth's blog

Cross-Site XMLHttpRequest in Firefox 3

By David Hurth - Posted on January 9th, 2008
Tagged:  

Over at John Resig's blog (you may know John from his work on jQuery) he has an interesting post about using the XMLHttpRequest object to get cross-domain data without a cross-domain proxy in Firefox 3 (currently in beta). The built-in cross-site XMLHttpRequest feature is new to Firefox 3.

Below is an excerpt from John's post.

In a nutshell, there are two techniques that you can use to achieve your desired cross-site-request result: Specifying a special Access-Control header for your content or including an access-control processing instruction in your XML.
More information can be found in the documentation but here's a quick peek at what your code might look like:
An HTML document (served via PHP) that specifies an Access-Control header: (Demo - FF3 Only)

<?php header('Access-Control: allow <*>'); ?>
<b>John Resig</b>

An XML document that specifies an access-control processing instruction: (Demo - FF3 Only)

<?xml version="1.0" encoding="UTF-8"?>

<?access-control allow="*"?>
<simple><name>John Resig</name></simple>

Now what's especially nice about all this is that you don't have to change a single line of your client-side code to make this work! Take, for example, this page which requests an HTML file from a remote domain - and, specifically, the JavaScript within it:

var xhr = new XMLHttpRequest();
xhr.open("GET", "http://dev.jquery.com/~john/xdomain/test.php", true);

xhr.onreadystatechange = function(){
  if ( xhr.readyState == 4 ) {

    if ( xhr.status == 200 ) {
      document.body.innerHTML = "My Name is: " + xhr.responseText;

    } else {
      document.body.innerHTML = "ERROR";

    }
  }
};
xhr.send(null);

You can read John's full post here.

As a person that loves the powers of web services from different domains (one thing I love about JSON is that by using DOM manipulation to load the code you can get around cross-domain issues without the overhead of a server side proxy) I hope that this feature catches on with more browsers as new versions of each browser is released so that it would have cross-browser support.

Pingback
Submitted by My Domains &amp;raquo; Blog Archive &amp;raquo; Cross-Site X (not verified) on January 9, 2008 - 11:16pm.

[...] Original post by Ajaxonomy - The Study of Ajax and Other Interesting Web Technologies [...]

It is not supported anymore
Submitted by Anonymous (not verified) on May 20, 2008 - 2:38am.

It is not supported anymore in the latest release of FF3 build 5

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <pre> <div> <blockquote> <object> <embed> <img> <param>
  • Lines and paragraphs break automatically.
  • Web page addresses and e-mail addresses turn into links automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.