XMLHttpRequest.open, does it work on remote websites? | ansaurus

tags:

javascript

views:

170

answers:

1

Q:

XMLHttpRequest.open, does it work on remote websites?

I'm a bit confused about this.

Does XMLHttpRequest work on a remote URL or does it have to be a local file? There seems to be mixed information on the net.

According to w3.org: The XMLHttpRequest object can be used by scripts to programmatically connect to their originating server via HTTP.

But I've seen it used to access non-local web pages (in vista gadgets for instance for rss feeds) without using a proxy...

Enlighten me please!

+2 A:

It depends on the environment. If you run your JavaScript on a regular web page, XMLHttpRequest won't be able to connect to any other site. (That's what w3.org says, and browsers do implement this restriction.) However, in some contexts (such as Vista gadgets and Greasemonkey), it it possible to connect to any site in an AJAX request.

pts 2009-05-31 06:36:38

Nakes sense. Doesn't that bypass the security precautions though? Wouldn't gadgets be capable of xss?

kylex 2009-05-31 07:02:18

Yes, they are capable of xss. If you don't trust them, don't install them.

pts 2009-06-05 06:40:52

related questions

What JavaScript patterns do you use most?

Javascript events

What style do you use for creating an "class" in JavaScript?

Graphing JavaScript Library

What's the difference in closure style

Getting the text from a drop-down box

How to specify javascript to run when ModalPopupExtender is shown

Length of Javascript Associative Array

How Do I Post and then redirect to an external URL from ASP.Net?

How to set up a CSS switcher in ASP.NET

Wrapping lists into columns

Javascript keyboard events primer? (or rather: help me with my custom dropdown)

Http Auth in a Firefox 3 bookmarklet

Best Debugging Tools for JavaScript/xulrunner Development

How can I turn a string of HTML into a DOM object in a Firefox extension?

Call ASP.NET Function From Javascript?

Javascript troubleshooting tools in IE

MAC addresses in JavaScript

Capturing TAB key in text box

CSS Background Color in Javascript

How can I make the browser see CSS and Javascript changes?

Triple Quotes? How do I delimit a databound Javascript string parameter in ASP.NET?

ASP .Net Custom Client-Side Validation

What JavaScript library would you choose for a new project and why?

Detecting font in JavaScript