XMLHttpRequest will not allow you to access external site or site outside the same domain for security reasons. See the same origin policy for JavaScript.

If u want to access one of your own domains u just need to add

Access-Control-Allow-Origin Response Header

The Access-Control-Allow-Origin header indicates whether a resource can be shared based by returning the value of the Origin request header in the response. 

Access-Control-Allow-Origin = "Access-Control-Allow-Origin" ":" origin-list-or-null | "*"

add a single Access-Control-Allow-Origin header, with either the value of the Origin header or the string "*" as value.

If I want to access a page in  test.com from muruganad.com then in the page which I want to access from muruganad.com 
 specifying Access-Control-Allow-Origin: http://muruganad.com as response header allow that page to  to be fetched cross-origin from http://muruganad.com 




Code for different languages

Response.AppendHeader("Access-Control-Allow-Origin", "*");  if its aspx page
Access-Control-Allow-Origin: *  if its CGI
<?php  header("Access-Control-Allow-Origin: *");> if its php 

print "Content-Type: text/turtle"
print "Content-Location: mydata.ttl"
print "Access-Control-Allow-Origin: *"

above lines ofr python 

if its to access xml 


<?xml version="1.0" encoding="UTF-8"?>
<!-- Change this to allow="yourdomain.com" to make it accessible to your site, or allow="*" for ANYONE to be able to access it. -->
<?access-control allow="muruganad.com"?>



or


But if you want to do it with greasemonkey there is a function you can call  GM_xmlhttpRequest


The solution if u want to write it for a website thats accesible by many would be to 
write your own implementation of XMLHTTPRequest. Or simplest way would be to write 
pop or aspx page that would exist in your domain and call external pages though that 
site. 

Eg 
1. XMLHTTPRequest -> URL = YourDomain.com/GetPage.aspx?url=http://google.com/index.html 
2  XMLHTTPRequest -> URL = YourDomain.com/GetPage.aspx?url=http://yahoo.com/index.html 

So Ideally u are calling the page from your on site which is safe for javascript and that 
page requrns the value from other site. 


>?php
    header('Content-type: text/html');
    header('Access-Control-Allow-Origin: *');
    $uri = 'http'. ($_SERVER['HTTPS'] ? 's' : null) .'://'. $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    echo('
This information has come from ' . $uri . '
');
?<

GREASEMONKEY 

Below is the same grease monkey function wrapped around in a simple function. 

function GetHTML(url) {
    GM_xmlhttpRequest({
        method: 'GET',
        url: url,
        onload: function (responseDetails) {
            if (responseDetails.status == 200 || responseDetails.status == 404) {
                Data[Data.length] = responseDetails.responseText;
                BodyData = BodyData + "
" + responseDetails.finalUrl + "
" + responseDetails.responseText;
                document.body.innerHTML = BodyData;
            } else {
                alert('Request Response Status' + responseDetails.statusText);
            }
        }
    });
}

If the page is received successfully u get responseDetails.status == 200

Here are the possble return values or ready states if u want to check the value of whats the status of the request, Note I have not written the code above for ready states
The readyState attribute must return the current state, which must be one of the following values:

numeric value 0 : Unsent
    The object has been constructed
. 
numeric value 1 : Opened
    The open() method has been successfully invoked. During this state request headers can be set using setRequestHeader() and the request can be made using the send() method. 

numeric value 2 : HEADERS_RECEIVED 
    All redirects (if any) have been followed and all HTTP headers of the final response have been received. Several response members of the object are now available. 

numeric value 3   : LOADING 
    The response entity body is being received. 

numeric value 4 : DONE
    The data transfer has been completed or something went wrong during the transfer (e.g. infinite redirects). 
The OPENED state has an associated send() flag that indicates whether the send() method has been invoked. It can be either true or false and has an initial value of false.
The DONE state has an associated error flag that indicates some type of network error or abortion. It can be either true or false and has an initial value of false.