Javascript/JQuery ajax help needed

I'm a little confused here, maybe someone can help.

1) Javascript ajax request question: Can I use XMLHttpRequest to directly make a request to an开发者_如何学Cy other website - not the originating server?

2) JQuery ajax request question: Can I use $.ajax to directly make a request to any other website - not the originating server?

Browsing the web, I've found some stuff about how this might be forbidden due to XSS(cross-site-scripting), and that the work-around is to use a server scripting language and a webservice...but whatever that's not any concern to me.

If anyone can answer, please help!

I believe there is a confusion of terms here. This has nothing to do with XSS. The reason why you cannot get information with javascript across different domains (even http vs. https on the same domain) is due to the Same Origin Policy, which exists to prevent confusion of a session on a trusted site with an untrusted one without the user's direct intervention (e.g. by choosing to visit the different domain). XSS is a totally different concept that has to do with the infusion of scripts into a page to with malicious intent for the user.

As for accessing across domains all hope is not lost. XMLHttpRequest vs. .ajax() doesn't matter, but jsonp allows for an exchange of information across domains. Since HTML5, postMessage() has also been introduced which allows communication across domains as well (and to scripts no less!)

this question discusses the same problem. you have to fetch contents of other site on server side

You can not cross-site ajax requests. When you use jquery $.ajax to get data from a different domain, behind the scenes jquery takes the url and appends a include in the header of the document.

You're correct this is forbidden for security reasons.

jQuery's .ajax() is a simple way to use JavaScript's XMLHttpRequest in one function. In the end, it's just XMLHttpRequest.

Cross Site Scripting (XSS) prevents all cross-domain requests, but yes, you can use a serverside solution to overcome it.

But then there's JSONP, which does let JavaScript do cross-site requests, but only for a limited dataset.

Yes, it's possible with JSONP. Use it like this:

$.ajax({
   url: 'remote_url',
   type: 'post',
   dataType: 'jsonp',  //This does the trick
   success: function(remoteData){
      //Use remoteData here. Note it's already json parsed, so it's a javascript object
   }
});

Hope this helps

Lastly you CAN make cross domain ajax if the server you are calling has implemented CORS and allows your domain to call it

1) Javascript ajax request question: Can I use XMLHttpRequest to directly make a request to any other website - not the originating server?

No, the server at the domain you're trying to connect to must accept cross-domain AJAX; otherwise, the only way to access this data is by using a page at your server that will proxy the requested data to your visitors.

2) JQuery ajax request question: Can I use $.ajax to directly make a request to any other website - not the originating server?

jQuery AJAX technology is actually a wrapper around the native XMLHttpRequest, so if the normal XMLHttpRequest works, the same should be true for jQuery.