Reputation: 49533
Cross-domain AJAX
For what I understand cross-domain AJAX calls are not possible for security reasons.
I've understood that's it's possible to do it by using JSON-P though.
My question: why are cross-domain AJAX calls forbidden, but actually possible in a less practical way? It would be simpler to just authorize it.
How are you supposed to do for those kind of simple scenarios:
- geocoding a location by calling Google Maps webservice
- fetching Flickr images through its webservice
- ajax to a different domain but it's the same application (server farms for example?)
- ... (those are just examples)
If I have to wrap/proxy these calls with a server-side script, that's just boring and time lost... You can't make a full Javascript application in the end? (if you want to use external webservices I mean)
Upvotes: 0
Views: 459
Answers (1)
Reputation: 943097
why are cross-domain AJAX calls forbidden
You are logged on to your bank, right? OK, I'll just make a Ajax request to your bank and read your account number, sort code, and so on.
How are you supposed to do for those kind of simple scenarios
- Server side proxy
- JSON-P
- CORS
If I have to wrap/proxy these calls with a server-side script, that's just boring and time lost
Many things would be easier if we didn't have to worry about security. We wouldn't need locks on doors, passwords on accounts, etc, etc.
Upvotes: 4
Related Questions
- jquery + cross domain + ajax + webservice call
- How to call asp.net web services using ajax from cross domain
- ajax crossdomain call
- Consuming WebService in Cross Domain
- Cross-domain Ajax call with Jquery
- AJAX cross domain request
- Cross site webservice ajax call
- Javascript Cross Domain Web Service Call
- JQuery ajax call to cross-domain webservice
- cross domain jquery ajax request