# Load data from the browser For security reasons, web browsers prevent what are called cross-origin or cross-site requests from one domain to another. JavaScript `XMLHTTPRequests` (commonly called “AJAX” requests) inherit all the authentication context of the logged in user, so a malicious web page could try to make malicious requests that cross domain contexts and cause trouble. Historically, that has made it difficult for web developers to build web applications making use of third-party APIs. Fortunately, techniques have since been developed that allow developers to securely access APIs cross-domain. ## Cross-Origin Resource Sharing (CORS) `CORS` is the recommended standard for allowing your web browser and a web server to negotiate and allow requests to be made across domain contexts. `CORS` is supported in modern Chrome, Firefox, Safari, and Internet Explorer (10+) web browsers. It became a [W3C Recommendation](https://www.w3.org/TR/cors/) in 2014. You don’t need to do anything special to use `CORS` with JavaScript in a modern browser. Your web browser and the Pelias servers will automatically negotiate the cross-origin request. For example, to make a `CORS` request with `jQuery`, you’d make your request like you were performing it within the context of your own domain. For a full list of supported browsers see: http://caniuse.com/#feat=cors ### Add a search box to a Leaflet map You can add a Pelias box to any [Leaflet](http://leafletjs.com/) map. See the [Mapzen.js documentation](https://mapzen.com/documentation/mapzen-js/search/#add-mapzen-search-box-to-a-map) for instructions. There is also a [tutorial](add-search-to-a-map.md) available. ### Loading data with jQuery ```javascript $.ajax({ url: "https://search.mapzen.com/v1/search", method: "GET", dataType: "json", data: { "text": "London, UK", "api_key": "your-mapzen-api-key" }, success: function( data, status, jqxhr ){ console.log( "Request received:", data ); }, error: function( jqxhr, status, error ){ console.log( "Something went wrong!" ); } }); ``` interactive demo: http://jsfiddle.net/missinglink/fb6p0par/ ### Loading data with Angular ```javascript $http({ url: "https://search.mapzen.com/v1/search", method: "GET", headers: { "Accept": "application/json" }, params: { "text": "London, UK", "api_key": "your-mapzen-api-key" }, }) .success(function( data, status ) { console.log( "Request received:", data ); }) .error(function( data, status ) { console.log( "Something went wrong!" ); }); ``` interactive demo: http://jsfiddle.net/missinglink/nchh8a9j/ ## Why not JSONP? Also called “JSON with Padding”, `JSONP` is a technique for fooling a web browser into performing cross-origin requests using a special `