#7 Cross-domain Ajax requests

Before you get any hopes (or worries), the following is just a technique that comes handy for development, not for production.

I'm developing a PhoneGap app with Sencha Touch. The app needs to do a few Ajax POST requests to a different domain. You can do that without problems from your PhoneGap app.

Though, the development environment of choice for a Sencha Touch developer is the browser. Browsers don't let you do that, at least not by default. (You can do cross-domain GET requests easily via JSONP.)

By default, the browser, WebKit in this case, returns the following error: XMLHttpRequest cannot load URL. Origin http://localhost is not allowed by Access-Control-Allow-Origin.

Though, you can easily disable that security policy by opening the browser with --disable-web-security.

So, if you're using Google Chrome on a Mac for development, run the following in the Terminal:

open /Applications/Google\ Chrome.app --args --disable-web-security

For Chromium use:

open /Applications/Chromium.app --args --disable-web-security

It works similar for other browsers or platforms like Windows.

In order to easily open up Chromium without the web security, I made a simple Apple Script and transformed it into an app.

That's the Apple Script content:

do shell script "open /Applications/Chromium.app --args --disable-web-security"

If you use Chromium for development as well, you can download the little app I use to open it here. (Nope, I didn't include a trojan or virus.)

That's all.