Can we access WCF service over https using Jquery $.ajax() call in cross domain?

Question

I have added SSL for both applications.

Assume https:// www.a.com and https:// www.b.com. https:// www.a.com is accessing the wcf service from https:// www.b.com through $.ajax() call. I am also using jsonp to this functionality. When these application are not https it works fine. But the $.ajax() call fails when I make it https. It giving "Internel server error" in firebug on this $.ajax() call.

Can we do such thing in secure mode?

Answer 1

Suggestion 1:

Using CORS(Cross Orignin resource sharing)

During the preflight request,

you should see the following two headers:

• Access-Control-Request-Method

• Access-Control-Request-Headers

These request headers are asking the server for permissions to make the actual request.

Your preflight response needs to acknowledge these headers in order for the actual request to work.

For example, suppose the browser makes a request with the following headers:

• Origin: http://yourdomain.com

• Access-Control-Request-Method: POST

• Access-Control-Request-Headers: X-Custom-Header

Your server should then respond with the following headers:

• Access-Control-Allow-Origin: http://yourdomain.com

• Access-Control-Allow-Methods: GET, POST

• Access-Control-Allow-Headers: X-Custom-Header

Reference

Suggestion 2:

Using JSON-P and Intermediate page:

• create a intermediate page which makes http request to https page and return JSON-P result
• If the intermediate page is in same domain then use it directly else make cross domain ajax request and use JSON-P

Reference

Answer 2

It sounds like you'd be a heck of a lot better off just reading/writing JSON data over your encrypted (https) connection. Let WCF handle whatever you want at the endpoints, but communicate with simple JSON messages. IMHO...