JavaScript XMLHttpRequest breaks when accessed from alternate domain name

I have two domain names that point to my website, nathannifong.com, and uncc.ath.cx. Javascript on the site occasionally needs to pull down resources with XMLHttpRequest. All URLs of resources in client scripts refer to nathannifong.com, and when a user comes to the site by uncc.ath.cx, the scripts fail becaus开发者_开发问答e of cross domain secuity policy in JavaScript.

What should I change so that users can come to the site by any domain name, but the XMLHttpRequests still work?

If you are using the Domain Name in the URL's to make a ajax request, remove it hence the domain is automatically mapped to the one the user is using and you will not have the cross domain issues.

xhr is contrained by the same origin policy and will not work cross domain - for that use jsonp as already mentioned.

According to The CodeProject, JSONP would be a way of accomplishing this. I've not used it myself, however, but it might be worth taking a look there.

You could look at window.location to determine the page's domain, and then use that to load the request? That way you'd be sure that the request was going to the right domain. You could also look into JSONP, but only for GET requests.