How can data be routed thru an app-engine domain if the request is from a page on a users computer?

I have an application on google app engine that serves an html file with the following script

<script>
  C开发者_JS百科hemDoodle.iChemLabs.getMoleculeFromDatabase('pubchem', 'morphine', function(mol){
    alertMolecule(mol);
  });
</script>

This uses a XHR level 2 request, which requires that iChemLabs (or whoever the server side people are) enable support for my domain. What is the domain that the server side (with XHR enabled) should enable? I don't really understand how data can be routed through the app engine domain if the request is coming from an html page sitting on an app-user's computer?

I think you are talking about Cross-Origin Resource Sharing (CORS) which is method that web servers can use to let the browser know which sites (identified by domain) can share information with each other.

Mozilla has a good detailed run through of how it should work. It relatively new and only modern browsers implement it.

Nothing is "routed through" anybodies apps, all you are doing is telling the browser that sitea.com is happy to share data and accept requests that originated from an application originally served by siteb.com