Newer Version Available

This content describes an older version of this product. View Latest

Cross-Domain XHR

Canvas apps are loaded on a Salesforce page in an iFrame. Therefore, the canvas app (in its own domain) can’t make XHR (XML HTTP request) calls back to the *.salesforce.com domain. You can develop and deploy your own proxies as part of the SDK, however, Canvas provides a client-side proxy written in JavaScript. This proxy enables client-side XHR calls back to Salesforce.

If you use this proxy from the client to make an XHR request, the API forwards the request to the outer iFrame and the request is submitted on your behalf. When the request is complete, the SDK calls the client’s callback function with the results. Here are some examples of how you can make XHR calls:

The SDK supports cross-domain XHR calls, however, it shouldn’t be used to make same-domain calls.

Note