A lot of the discussion in this Tech Note has been ways to get around Same Origin Policies. Can we get rid of this restriction? We can, but there’s a catch.
To allow a PHP script on your server to give its results to apps which were not loaded from your server, add this line as the first line of your script.
The catch is that now anyone with an internet connection can run your PHP script, even if their browser is compliant with access control.