I have been using WCF web services for around about a year now and have found them very useful. I have always used and consumed them on the same serving domain. However this time I am wanting to consume them on another domain. I understand why this is happening, because of security and so. I had the same problem with reading RSS feeds from an external domain.
I have been doing some research into this and most people are saying that JSONP (padded JSON) will solve this problem but I thought i’d ask my own question because someone might have found another answer or because i’m using .NET 4, the answer might be simpler.
So, I am using Jquery to consume these restful web services on another domain. I am also using .NET 4. My web services are a mix of GET and POST so really i’m looking for a solution that will deal with both GET and POSTS across domains. Does anyone have a solution or examples for this? My WCF web services are located within my ASP.NET web application. I have also turned on crossdomainscriptaccessenabled in my web config.
Also, for what it’s worth – when I was setting up WCF web sevices last year, I was able to consume a web service on an iphone app which now confuses me as I never enabled cross domain posting. That’s just a side note though.
Thanks
If you require POST, JSONP probably won’t cut it. Since it works by injecting a
<script>reference to the third-party resource, JSONP is inherently limited to GET requests.Depending on your browser support requirements, CORS allows you full access to cross-domain services. jQuery 1.5+ has great support for CORS. You only need to add an HTTP header or two to your WCF domain’s responses to enable it.
A less elegant solution that doesn’t require browser support is to use a server-side HTTP proxy on the domain where the services will be called from. Using that approach, server-side code makes the cross-domain request on behalf of the browser and relays the response back. That circumvents the same-origin restriction at the browser, but does add some overhead to the process.
To clarify your confusion about the iPhone app previously working, keep in mind that the cross-domain restriction is one that browsers impose as part of their implementation of XMLHttpRequest. It is not a restriction imposed by WCF itself. A native app running on an iPhone would be able to freely access your service without modification, similar to how a Silverlight app in the browser would be able to (however, a web app running on the iPhone would run into the same trouble you are).