Cross domain Ajax requests


From home, cross domain Ajax requests are not allowed for safety reasons, because as foreign malicious code when the client can be downloaded and executed.

Anyway to send a successful AJAX request to a different domain or subdomain or even from HTTP to HTTPS, do you need the access-control-allow-origin.

You must use not jsonp, How many propose, but can use regular json (the AJAX request is sent from www.mydomain1.de):

<script>
    $.ajax({
        url: "http://www.mydomain2.de/ajax.php",
        type: 'GET',
        crossDomain: true,
        dataType: 'json',
        success: function(data) {
            console.log( data );
            $( ".result" ).html( data );
        },
        error: function( data) {
            console.log("error ajax");
            console.log( data );
        }
    });
</script>
<div class='result'></div>

Only the following code must be included on the own mydomain2.de/ajax.php page, to bypass the access-control-allow-origin:

header('Content-Type: application/json');
header('Access-Control-Allow-Origin: http://www.mydomain1.de');

echo json:encode("it works");
die();