Overcomming same-origin policy restrictions with JSONP.
AJAX has a restriction that it can only retrieve data from the same resource.
There are several techniques for accessing dta exposed by external servers:JSONP and CORS.
AngularJS contains API that uses JSONP to get data from foreign server.
$http.jsonp(url,config);
the url must contain the JSON_CALLBACK request parameter. that is the URL must be like
xxxx?callback=JSON_CALLBACK
Check out CORS, another way to overcome same-origin policy restrictions
CORS is a W3C specification that aims at solving the same problem as JSONP does , only in a
more standard,reliable , and secure way.
The CORS specificatoin builds on top of the XMLHttpRequest object ot enable the cross-domain AJAX
requests.
CORS requests are roughly divided into "simple" and "non-simple" ones. GET ,POST,HEAD requests
are considered as "simple".
With non-simple requests , the browser is oblisged to send a probing OPTIONS request and wait for the
server's approval before issuing the primary request. So the server must be well-configured for handling
the OPTIONS request.
But, there is also another way to approach the cross-domain request. that is use a local server as
a proxy to a foreign one.
for example, back-end is written by JAVA. then i can get foreign data through JAVA, and then send it
to font-end when requested.