You develop an HTML application that is located at www.adventure-works.com. The application must load JSON data from www.fabrikam.com.

You need to choose an approach for loading the data.

What should you do?

A. Add a crossdomain.xml file to the second server.

B. Configure Cross-Origin Resource Sharing (CORS) on the servers.

C. Load the data in a JavaScript timeout callback.

D. Reference the remotedata as an XML resource.

Explanation:

* Cross-origin resource sharing (CORS) is a mechanism that allows Javascript on a web page to make XMLHttpRequests to another domain, not the domain the Javascript originated from. Such -cross-domain- requests would otherwise be forbidden by web browsers, per the same origin security policy. CORS defines a way in which the browser

and the server can interact to determine whether or not to allow the cross-origin request. It is more powerful than only allowingsame-origin requests, but it is more secure than simply allowing all such cross-origin requests.

* You must use Cross Origin Resource Sharing

Its not as complicated as it sounds…simply set your request headers appropriately…in Python it would look like:

self.response.headers.add_header(Access-Control-Allow-Origin, *);

self.response.headers.add_header(Access-Control-Allow-Methods, GET, POST, OPTIONS);

self.response.headers.add_header(Access-Control-Allow-Headers, X-Requested-With);

self.response.headers.add_header(Access-Control-Max-Age, 86400);