Mastering Web Application

(Rick Simeone) #1

Communicating with a Back-end Server


As web developers, we need to constantly balance security considerations with
functional requirements to aggregate data from multiple sources. Indeed, it is often
desirable to fetch data from third party services and present those data in our web
applications. Unfortunately, XHR requests can't easily reach servers outside of the
source domain unless we play some tricks.


There are several techniques for accessing data exposed by external servers: JSON
with padding (JSONP) and Cross-origin resource sharing (CORS) are probably the
most popular ones in the modern web. This section shows how AngularJS helps us
applying those techniques in practice.


Overcoming same-origin policy restrictions with JSONP

Using JSONP is a trick that allows fetching data by passing the same-origin policy
restrictions. It relies on the fact that browsers can freely pull JavaScript from foreign
servers by using the