views:

700

answers:

2

From what I understand, due to the "same origin policy" enforcement in current browsers, it's impossible to obtain data from an XmlHttpRequest sent to a different domain than the Javascript's original domain.

I have close to zero experience regarding this matter, so I'm confused about web services being unusable from Javascript. Does it mean that web applications with Ajax functionality can only interact with themselves without calling services provided by other domains ? How do "mash-ups" work ? I guess the services are consumed server-side, then the data is passed to the client via local Ajax calls. I don't know.

The only way I can imagine to achieve client-side consuming of services would be to retrieve a Javascript file directly from the target web service's domain via a <script> tag, then use its API to interact with the remote domain.

Can anyone enlighten me ?

+3  A: 

Have a look at JSONP, which works around the same origin policy using pretty much the approach you are describing, just make sure you trust where you get it from...

seanb
Thanks, I will do some research about JSONP.
Franck
+5  A: 
Eugene Lazutkin