I found the solution.
It looks like by default dojo adds an 'X-Requested-With' argument to the Access-Control-Request-Header property, which typically causes servers to reject the request because it causes cross-site XHR requests to force preflight requests.
Here's the dojo ticket and bugfix info.:
Ticket
Bug Fix
Code:
var xhrArgs = {
url: "http://api.geonames.org/findNearbyPostalCodesJSON",
handleAs: "json",
headers: { // This is required to stop the
"X-Requested-With": "" // server from rejecting the
}, // GET request
load: function(data) {
// Do things
},
error: function(error) {
console.error(error);
},
content: {lat: lat, lng: lon, maxRows: "1", style: "medium", country: "US", username: "kmarrowo"}
};
dojo.xhrGet(xhrArgs);