Browser same origin policy is to disable the original document from a domain accessing other document from another domain (cross domain). This policy has been introduced to prevent certain kinds of cross scripting attacks such as hijacking the user to remote site, stealing the cookies and impersonating the victim, key stroke logging e.t.c. This policy is enforced in most modern browsers(IE enforced this from version 8).
The call will return the java script method invocation foo(‘JSONData’) where ‘JSONData’ is the service results (Twitter search results in this case). We need to define a java script function named foo which takes a JSON format parameter and do the processing.
The other workarounds are
Flash Policy files(
) – The Cross domain needs to have a configuration file (cross-domain.xml) which mentions whether to allow the cross domain traffic or not. When cross domain hosts this file then we can make any type of call (Web service, Json, Html e.t.c) to the cross domain. There are many free third party Add-ons to support this. The popular one is “flxhr”
IE8 XdomainRequest -
JSONRequest ( http://www.json.org/JSONRequest.html ) - Server doesn’t need to support the JSONP format – This is in proposal not yet adopted or implemented by any browser or forum .