javascript jquery ajax http-headers same-origin-policy

How can I work around the same-origin policy to develop AJAX client code for a Google AppEngine site?


I'm working with someone who has a Google AppEngine site with a custom API located there.

I need to write some AJAX JavaScript to interface with the custom API on the site, but I'm getting stonewalled by the same-origin policy. JSONP will be of no use because you can't get an error callback from a failed 'AJAX' request (it doesn't use XMLHttpRequest). I am using jQuery to make the requests.

Apparently Google AppEngine has a terrible caveat that you can't individually upload single files for testing, so I can't fix this problem by developing directly on the API's proper domain.

I'm on a Mac and I have heard you can set up some kind of proxy to get around this; I have no idea even where to start with that, and don't want to if I don't absolutely have to. What can I do to allow me to develop some AJAX JS against this API?


Solution

  • I solved this problem by nerfing the same-origin policy support in my browser (Chrome) such that it no longer functions or is honored. During development, I can make cross-domain requests and the browser will not act to prevent them. If you run into this problem like I did, launch Chrome like this:

    /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --disable-web-security

    This is obviously a development-only solution, but that's all I needed. For more extensive solutions, the above answers concerning CORS and JSONP + properly designed JSONP APIs are more appropriate.
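
The answer names CORS as the more appropriate solution beyond development. The following is an added example, not code from the original post or from the API in question: the header decision a server makes so that only named development origins can read its responses from script, with the browser's same-origin policy left on. The origins, method list and header list are assumptions.

```javascript
// Added example. The origins, methods and headers below are assumptions.
const ALLOWED_ORIGINS = new Set([
  "http://localhost:8000",     // constructed local development origin
  "https://dev.example.test",  // constructed staging origin
]);
const ALLOWED_METHODS = ["GET", "POST", "PUT", "DELETE"];
const ALLOWED_HEADERS = ["content-type", "x-requested-with"];

// req: { method, headers } with lower-cased header names (as Node provides).
// Returns { status, headers }. status === null means "continue to the API
// handler and attach these headers to its response".
function corsDecision(req) {
  const origin = req.headers["origin"];
  // Vary: Origin keeps caches from serving one origin's response to another.
  const out = { status: null, headers: { "Vary": "Origin" } };

  // Exact-match allowlist: never echo an arbitrary Origin back, and never
  // answer "*" for an API that relies on cookies or other credentials.
  // Without Access-Control-Allow-Origin the browser withholds the response
  // from the page. The request can still reach the server, so this is not
  // a replacement for authentication.
  if (!origin || !ALLOWED_ORIGINS.has(origin)) return out;
  out.headers["Access-Control-Allow-Origin"] = origin;

  // Preflight: OPTIONS carrying Access-Control-Request-Method.
  const wanted = req.headers["access-control-request-method"];
  if (req.method === "OPTIONS" && wanted) {
    const asked = (req.headers["access-control-request-headers"] || "")
      .split(",").map((h) => h.trim().toLowerCase()).filter(Boolean);
    const ok = ALLOWED_METHODS.includes(wanted) &&
      asked.every((h) => ALLOWED_HEADERS.includes(h));
    if (!ok) {
      delete out.headers["Access-Control-Allow-Origin"];
      out.status = 403;
      return out;
    }
    out.headers["Access-Control-Allow-Methods"] = ALLOWED_METHODS.join(", ");
    out.headers["Access-Control-Allow-Headers"] = ALLOWED_HEADERS.join(", ");
    out.headers["Access-Control-Max-Age"] = "600";
    out.status = 204;
  }
  return out;
}
```
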