Detect browser support for cross-domain XMLHttpRequests?

javascript xmlhttprequest cross-domain

David Wolever · Oct 29, 2009 · Viewed 15.6k times · Source

I'm working on some Javascript that makes use of Firefox 3.5's ability to perform cross-domain XMLHttpRequests… But I'd like to fail gracefully if they aren't supported.

Apart from actually making a cross-domain request, is there any way to detect a browser's support for them?

Answer

For future reference, full CORS feature detection should look something like this:

//Detect browser support for CORS
if ('withCredentials' in new XMLHttpRequest()) {
    /* supports cross-domain requests */
    document.write("CORS supported (XHR)");
}
else if(typeof XDomainRequest !== "undefined"){
  //Use IE-specific "CORS" code with XDR
  document.write("CORS supported (XDR)");
}else{
  //Time to retreat with a fallback or polyfill
  document.write("No CORS Support!");
}

You can try this test live using JSBin and see the proper response in IE, Firefox, Chrome, Safari, and Opera.

There are some edge cases in non-browser environments that do support cross-domain XHR but not XHR2/CORS. This test does not account for those situations.

Detect browser support for cross-domain XMLHttpRequests?

Answer

Related questions