Is the "No 'Access-Control-Allow-Origin' header" error message from the browser or from XmlHttpRequest?

Question

When doing a (intentional failing) cross-domain-request with the following code:

var request = new XMLHttpRequest();
request.open("GET", 'http://code.jquery.com/jquery-2.1.1.min.js');
request.onerror = function(error) {
    alert(error.target.status)
};
request.send()

I will get the following expected error message in the developer console.:

XMLHttpRequest cannot load http://code.jquery.com/jquery-2.1.1.min.js No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access.

But is this error message from the XmlHttpRequest or from the Browser?

I want to graps that error message from the XmlHttpRequest, but I can't see where.

With the above code I would expect (as seen in https://stackoverflow.com/a/16931075/343475) to see an error message in the alert box, but all I get is 0.

Answer 1

But is this error message from the XmlHttpRequest or from the Browser?

XMLHttpRequest is part of the browser. So "yes".

If you meant "Is the error from the server or from the browser" then it is from the browser. The server can't know if you are making a cross origin request or not.

With the above code I would expect (as seen in https://stackoverflow.com/a/16931075/343475) to see an error message in the alert box, but all I get is 0.

The status code would provide information about the resource on the foreign origin (it would tell you if the resource existed and if the user of the browser had permission to access it) so it is suppressed by the Same Origin Policy.