Hopefully, the Cross-Origin Resource Sharing (CORS) specification is there to allow Ajax request to be sent from a domain to another domain, and even working with cookies.
With jQuery, IE8+ is not supported because it used another separate object called XDomainRequest. Thus, several plugins can be found to add a complete CORS support with jQuery. Amongst them we have:
- This one or this one, which provide their own API around jQuery code
- This one which overrides some jQuery methods.
Thus, we developed a working jQuery CORS plugin which transparently add CORS support, even in IE8+. for this, we used $.ajaxSettings.xhr to redefine the way Ajax request implementations are created.
Microsoft's XDomainRequest does not allow cookies to be passed in the headers. So we needed to rewrite the requests to add support for a potential session cookie in the url directly. This allows the web server to correctly found the session on server-side.
That's all !
Code source of the jQuery CORS Plugin on GIST.
If have any comments or bugs, please use the comment thread on the GIST page.