Access control for cross site requests in Internet Explorer

Question

I am trying to make an AJAX call from several domains to a single one which will handle the request. Enabling Cross domain in Firefox and Chrome was easy by setting the head

Answer 1

Much has changed since I first posted my solution for CORS in IE7 and above. First of all the jQuery property $.support.cors is true by default, .NET frameworks 4.0 and above no longer support CORS as implemented in versions 3.5.1 and lower. When writing a web service with ASP.NET 4.0 I had install the Thinktecture.IdentityModel which is available as a NuGet package. Then, in the Application_Start method of the Global.asax file, add:

void Application_Start(object sender, EventArgs e) 
{ 
    Thinktecture.IdentityModel.Http.Cors.IIS.UrlBasedCorsConfiguration.Configuration
        .ForResources("*")
        .ForOrigins("http://localhost:80, http://mydomain")
        .AllowAll()
        .AllowMethods("GET", "POST");
}

Now add the httpProtocol element within system.webServer:

My $.ajax call is now:

$.ajax({
    url: serviceUrl, 
    data: JSON.stringify(postData),
    type: "POST",
    cache: false,
    contentType: "application/json; charset=utf-8",
    dataType: "json",
    success: onSuccess,
    error: onError
});