Simple XML HttpRequest question

Question

I'm trying to launch a request for some data from an external website w/ an API.

If I copy paste the request into my web-browser it works fine. Example such as (http://example.com/json/user/search/all) I can see the results in the browser window.

However, I'm trying to launch this query from a website and I'm running into an issue: Using some javascript like this: var req = new XMLHttpRequest(); req.open('GET', abovementionedurl, true) req.send()

I get an error that reads: Origin (MyDOMAIN) is not allowed by Access Control Allow Origin.

Again, I'm fairly new to XMLHttpRequests and I think this is fairly simple to solve. Anyone know? (I tried searching google but couldn't find a good answer) Thanks in advance.

Answer 1

You are not allowed to do Cross-Site XMLHttpRequests and need to use a proxy to accomplish it.

This article from Yahoo explains it in detail and gives more ideas of how to solve it. But basically it should not be done because this restriction exists for security purposes.

It would be better if you used PHP and fopen() for instance and simply called that page using your XMLHttpRequest object.

Answer 2

The problem is the same-origin policy. This is a rule that XMLHTTPRequests may not be used except on the same domain as the original page. This is for security reasons.

The easiest way around it is to write a server-side script that proxies the request for you.

Answer 3

This is your browser's protection against cross side scripting. You are not allowed to access other pages that come from a different domain.

EDIT: Also check this: Cross-site XMLHttpRequest