XMLHttpRequest Level 2 / CORS


Cross-Origin Resource Sharing
XMLHttpRequest Level 2 (XHR2)
Extended functionality for and using the same, well-known XMLHttpRequest object
User agents that support XMLHttpRequest2 must support CORS (according to W3C specs).


The normal XMLHttpRequest object is used. When the XHR2 object is available, the cross-domain restriction cq. security violation is no longer applicable. The prerequisite for using CORS is that the server has to allow incoming requests from other domains by using an Access-Control-Allow-Origin header. Valid examples include:


a cross-domain request.