Share

From this page you can share Cross-Site XMLHttpRequest in Firefox 3 to a social bookmarking site or email a link to the page.
Social WebE-mail
Enter multiple addresses on separate lines or separate them with commas.
Cross-Site XMLHttpRequest in Firefox 3
(Your Name) has forwarded a page to you from Ajaxonomy
(Your Name) thought you would like to see this page from the Ajaxonomy web site.

Cross-Site XMLHttpRequest in Firefox 3

Tagged:  

Over at John Resig's blog (you may know John from his work on jQuery) he has an interesting post about using the XMLHttpRequest object to get cross-domain data without a cross-domain proxy in Firefox 3 (currently in beta). The built-in cross-site XMLHttpRequest feature is new to Firefox 3.

Below is an excerpt from John's post.

In a nutshell, there are two techniques that you can use to achieve your desired cross-site-request result: Specifying a special Access-Control header for your content or including an access-control processing instruction in your XML.
More information can be found in the documentation but here's a quick peek at what your code might look like:
An HTML document (served via PHP) that specifies an Access-Control header: (Demo - FF3 Only)

<?php header('Access-Control: allow <*>'); ?>
<b>John Resig</b>

An XML document that specifies an access-control processing instruction: (Demo - FF3 Only)

<?xml version="1.0" encoding="UTF-8"?>

<?access-control allow="*"?>
<simple><name>John Resig</name></simple>

Now what's especially nice about all this is that you don't have to change a single line of your client-side code to make this work! Take, for example, this page which requests an HTML file from a remote domain - and, specifically, the JavaScript within it:

var xhr = new XMLHttpRequest();
xhr.open("GET", "http://dev.jquery.com/~john/xdomain/test.php", true);

xhr.onreadystatechange = function(){
  if ( xhr.readyState == 4 ) {

    if ( xhr.status == 200 ) {
      document.body.innerHTML = "My Name is: " + xhr.responseText;

    } else {
      document.body.innerHTML = "ERROR";

    }
  }
};
xhr.send(null);

You can read John's full post here.

As a person that loves the powers of web services from different domains (one thing I love about JSON is that by using DOM manipulation to load the code you can get around cross-domain issues without the overhead of a server side proxy) I hope that this feature catches on with more browsers as new versions of each browser is released so that it would have cross-browser support.