I have a web-page on my domain (ecmazing.com), and I'd like to be able to send AJAX requests to this URL:
http://hacheck.tel.fer.hr/xml.pl
It's a Perl script that is located on a different domain (and it returns an XML response).
The "Same origin policy" doesn't allow for Ajax communication from a web-page on my domain.
Now, I've heard about CORS, and I think that it could solve my issue. If I understand correctly, the admin of the hacheck.tel.fer.hr domain would have to configure the web-server so that Ajax requests from my domain (ecmazing.com) would be permitted.
Could you tell my what actions specifically the admin would have to perform? I'm going to contact him so I'd like to be able to give him the specifics...
CORS spec is here: http://www.w3.org/TR/cors/
Info about CORS is here: http://www.w3.org/wiki/CORS_Enabled
According to the link you sent it's enabled by defualt and only needs a .htaccess file change presuming it's apache:
To expose the header, you can add the following line inside
<Directory>,<Location>, and<Files>sections, or within an .htaccess file.I can say that as an admin you had better be well prepared to justify why this can't be done in code rather than on the server and why I should allow you to do this.
We're maintaining enable-cors.org for answering this kind of questions. If you want to share new recipes for configurations, pelase raise an issue.
You might want to consider Cross-Domain JSONP. From the Wiki: "'JSON with padding' is a complement to the base JSON data format, a pattern of usage that allows a page to request data from a server in a different domain. As a solution to this problem, JSONP is an alternative to a more recent method called Cross-Origin Resource Sharing."
I've started using this for several remote API's without any issues, it's great :)