Skip to main content

Getting Around Same Origin Policy

Various other ways via which you can bypass Same Origin Policy are -

  • JSONP
    • JSONP abuses JavaScript to load data cross-origin, just like a JavaScript include
  • XHR with CORS
    • XMLHTTPRequest by default can't do cross origin communication but it is possible to send data cross origin request with CORS header
  • URL Fragment
    • It is possible to use URL Fragments to communicate Cross Origin
  • postMessage API
    • It enabled cross origin communication between two different origins
  • many more