How can i get around the same origin policy?

Question

I need to use AJAX to get the content of another page located on a different server from the one the AJAX is loaded from. The AJAX needs to send a POST request then return the result. how can i do this?

Answer 1

If you want to do that on the client and cross browser, you need some cooperation from the other server.

Either by:

1) using JSONP (inject a script tag with a callback function)
Only GET calls are possible though.
Security is an issue as the script has access to all resources in that page(data, cookies, ...).
Here's a post that explain how to sandbox them and keep the data in your page safe.

2) POST looks possible using Kris Zip's window.name technique

If the cooperation from the other server is impossible, the server proxy as described in other answers is, to my knowledge, the only option left.

Answer 2

if you control both servers, you can use one of the HTTP header fields for cross-origin resource sharing:

http://www.petefreitag.com/item/703.cfm

https://developer.mozilla.org/En/HTTP_access_control

Answer 3

There is no way to go around that policy. This policy is there for very good reasons. That is also no problem as long as you're in control over the web application. You could simply redirect the call to the other server from your webserver and pass the result. This would work out like a proxy.

Answer 4

Set up proxy on your own server. Have your server call theirs and return the result.