Crossdomain access can be enabled in JavaScript with a mechanism similar to that in Flash. Instead of hosting a crossdomain.xml file though, crossdomain access is enabled per file, through an additional HTTP response header:
Access-Control-Allow-Origin: *
CORS is a more modern equivalent to JSONP for cross-domain XmlHttpRequests(AJAX) with options to limit domains, subdomains and ports.
Initial browser support:
- Firefox 3.5
- Chrome 4
- Safari 3.2
- MSIE 8
REFERENCES: