Why are AJAX requests limited to same domain?

Question

Something I find really confusing, is why are AJAX requests limited to the same domain? What is the reasoning behind this?

I don\'t see any problem with requesting

Answer 1

Tom, it is not "Ajax request limited". AJAX is based on JavaScript. For security reason JavaScript is prohibited access on cross domains. If you really want to do cross domain Ajax, you can do a hack.

YourPage(Ajax) ----> YourServer ----> ExternalDomain

You can call a page in your server using Ajax, Your domain will call to external domain using server side , and get the result then return to you as Ajax response. Of course the request done to the ExternalDomain server will be called WITHOUT sending cookies for ExternalDomain that reside in your browser's memory. That's because the request is done by your server and not your browser.