Wednesday, February 15th, 2006

Cross-Domain XML

Category: JavaScript, Remoting

Like it or not, there’s plenty of people who want to do cross-domain remoting. The typical technique is via script tags, and since this means the response must be valid Javascript, JSON is usually the message format. But what if you want to grab some XML instead of a JSON-formatted object? Dave Johnson explains how to achieve cross-domain XML, building on the standard script tag trick.

The server responds with a script that includes the XML string, along with some code to convert it to a DOM object … as Dave’s code shows, XMLHttpRequest is not the only way to make such a conversion:


  1. var eba_ajax_xmlp = {x: {}};
  2.     eba_ajax_xmlp.loadXml = function(s, uid){
  3.         if(document.implementation && document.implementation.createDocument) {
  4.             var objDOMParser = new DOMParser();
  5.             this.x[uid] = objDOMParser.parseFromString(s, "text/xml");
  6.         } else if (window.ActiveXObject) {
  7.             this.x[uid] = new ActiveXObject('MSXML2.DOMDocument.3.0');
  8.             this.x[uid].async = false;
  9.             this.x[uid].loadXML(s);
  10.         }
  11.     }

If it’s a DOM object you’re after, I guess there’s an alternative strategy here too: pull down a JSON-formatted DOM object.

Posted by Michael Mahemoff at 9:40 am

3.7 rating from 63 votes


Comments feed TrackBack URI

a bit off topic, but I’m so curious. How do you syntax highlight the JavaScript code? From the source it looks like some kind of preprocessed code?

Comment by Jesper Rønn-Jensen — February 15, 2006

Jesper, it’s a syntax highlighting module for WordPress. Dion set it up, so I’m not sure which name, but I just mark up as


  1. ..


etc. As it happens, good old Vim is also capable of HTMLizing its syntax highlighting. (In vim, type “:help 2html” for more info).

Comment by Michael Mahemoff — February 15, 2006

If I understand correctly, if a service provider wanted to enable oters to be able to use the service, he could post the JavaScript file to his own server and then developers could “include” his code via and the code in that script would be able to call that server which is different from the server which served the html?

Comment by pwb — February 15, 2006

Great tip, Michael. Thanks!

Comment by Jesper Rønn-Jensen — February 15, 2006

The vim tip works wonderfully! Thanks Michael.

Comment by Michael Caron — February 16, 2006

pwb, yes that’s correct. As long as it’s valid Javascript, a page can dynamically point a script tag to it, which will lead to that remote Javascript being executed in the browser. The JS can be sitting anywhere on the web.

Comment by Michael Mahemoff — February 16, 2006

But then can that JavaScript call the server it came from?

Comment by pwb — February 17, 2006

I’m doing this in testing at – If anyone has a few minutes – I’d be happy to share my experience in exchange for a little knowledge. It seems that firefox grants access to cookies on the remote site, but IE does not. Anyone have any similar situations?

Comment by Topper — February 17, 2006

Great article. I appreciate the info.

Comment by url redirect — August 6, 2007

hey Topper, yes this script is NOT WORKING on IE.
very bad :(

Comment by JulianW — February 17, 2009

Leave a comment

You must be logged in to post a comment.