Appendix D. Other cross-origin techniques
This appendix covers alternatives to CORS. Before CORS, the techniques described here could be used to make cross-origin requests. While CORS is the standard for modern web applications, these alternative techniques are useful for making cross-origin requests from older browsers.
Each technique follows a similar pattern, as illustrated in figure D.1. The client wants to make a request to a server that lives at a different origin. In between there is a proxy mechanism that processes the request from the client and sends it to the server.
figure D.1 will reappear in each section that follows to help highlight how each technique operates.
JSONP, which stands for JSON with padding, uses the browser’s own script tag to send cross-origin requests, as shown in figure D.2.
The following listing shows how to use JSONP to recreate the Flickr example from chapter 1.