How does the same origin policy apply to IP addresses

Question

I have a server on our company intranet that runs JBoss. I want to send API calls to this server from my machine, also on the intranet, and get the resulting XML responses using JQuery.

I read the entry on Wikipedia but am confused how that applies to my situation, since our machines only have IP addresses, not domain names.

I have

• server URL: 10.2.200.3:8001/serviceroot/service
• client IP address: 10.2.201.217

My questions are:

1. As far as I understand these are different domains, right? So I have to use a proxy to issue JQuery.ajax calls to the server
2. If I want to avoid doing (2), can I install Apache on the server and server the page with JS code form there? But then the JS will be from 10.2.200.3 and the server is at 10.2.200.3:8001. Aren't these considered different domains according to policy?

Thanks!

Answer 1

1. Yes.

2. Yes, different ports mean different origins. This is something that most browsers have done in JS for a while, but it is explicitly described in the HTML5 draft, which is referenced by the XMLHttpRequest draft.

If A and B have port components that are not identical, return false.