You develop an HTML application that is located at www.adventure-works.com. The application must load JSON data from www.fabrikam.com.
You need to choose an approach for loading the data.
What should you do?
A. Add a crossdomain.xml file to the second server.
B. Configure Cross-Origin Resource Sharing (CORS) on the servers.
C. Load the data in a JavaScript timeout callback.
D. Reference the remotedata as an XML resource.
Explanation:
* Cross-origin resource sharing (CORS) is a mechanism that allows Javascript on a web page to make XMLHttpRequests to another domain, not the domain the Javascript originated from. Such -cross-domain- requests would otherwise be forbidden by web browsers, per the same origin security policy. CORS defines a way in which the browser
and the server can interact to determine whether or not to allow the cross-origin request. It is more powerful than only allowingsame-origin requests, but it is more secure than simply allowing all such cross-origin requests.
* You must use Cross Origin Resource Sharing
Its not as complicated as it sounds…simply set your request headers appropriately…in Python it would look like:
self.response.headers.add_header(Access-Control-Allow-Origin, *);
self.response.headers.add_header(Access-Control-Allow-Methods, GET, POST, OPTIONS);
self.response.headers.add_header(Access-Control-Allow-Headers, X-Requested-With);
self.response.headers.add_header(Access-Control-Max-Age, 86400);