can also be seen here https://gist.github.com/4227377

This gist relates to AEROGEAR-534, https://issues.jboss.org/browse/AEROGEAR-534

I created a node.js server that handles CORS and jsonp for my testing

Cross Domain Support

To do cross domain request, i've modified aerogear.js a bit.

I've added a new settings variable, settings.crossdomain, that can be mixed. If set to true, it will default to CORS, to override to jsonp set settings.crossdomain.type = "jsonp"

var pipeline = AeroGear.Pipeline();

    jsonp = pipeline.add( {
            name: "jsonp",
            settings: {
                baseURL: "http://localhost:8080",
                endpoint: "/",
                crossdomain: {
                    type: "jsonp",
                    jsonp: "jsonp" //this is optional and will default to callback, jquery default
                }
            }
        });

    cors = pipeline.add( {
            name: "cors",
            settings: {
                baseURL: "http://localhost:8080",
                endpoint: "/",
                crossdomain: true
            }
        });

If the user wants to use CORS, settings.crossdomain = true, but there browser doesn't support CORS, then AeroGear.Ajax will fallback to jsonp

CORS

since IE9 doesn't use the same thing as the rest of the browser world, i add in a small lib,https://github.com/jaubourg/ajaxHooks, in the external/ actually just the xdr.js file

Although i haven't actually tested that it works

AeroGear.Ajax

The majority of the changes happen in the AeroGear.Ajax function

Here is the commit for this

https://github.com/lholmquist/aerogear-js/commit/d3d3ecaac1d2648f37d66b46f7e776029b2a3517

At the moment the only overridable options in the crossdomain object are jsonp related. I guess this would be the place to add CORS options, if we wanted to

Interestingly enough, if you don't specify any of the new settings, CORS will work, if the server supports it, out of the box.

This is my simple node.js server

var express = require( "express" );
var app = express();

app.all( "/", function(request,response) {

// When dealing with CORS (Cross-Origin Resource Sharing)
// requests, the client should pass-through its origin (the
// requesting domain). We should either echo that or use *
// if the origin was not passed.
var origin = (request.headers.origin || "*");

// Check to see if this is a security check by the browser to
    // test the availability of the API for the client. If the
    // method is OPTIONS, the browser is check to see to see what
    // HTTP methods (and properties) have been granted to the
    // client.
    if (request.method.toUpperCase() === "OPTIONS"){


        // Echo back the Origin (calling domain) so that the
        // client is granted access to make subsequent requests
        // to the API.
        response.status( 204 );
        response.header(
            {
                "access-control-allow-origin": origin,
                "access-control-allow-methods": "GET, PUT, DELETE, OPTIONS",
                "access-control-allow-headers": "content-type, accept",
                "access-control-max-age": 10, // Seconds.
                "content-length": 0
            }
        );
    }
    // End the response - we're not sending back any content.
    response.status( 200 );
    response.header(
                {
                    "access-control-allow-origin": origin,
                    "content-type": "application/json"
                }
            );
    var callback = request.query.callback || request.query.jsonp;
    if( callback ) {
        response.send( callback + "({response:'stuff'})");
    } else {
        response.send( {response:'stuff'});
    }


});

app.listen( 8080 );

// Debugging:
console.log( "Node.js listening on port 8080" );