To enable this you'd have to have the origin add special headers to "preflight" your request. Else, the JSONP tactic would allow you to access data across domains, but it has to actually be JSONP and not just JSON.
Here's an example on how to enable cross-domain resource sharing in PHP:
header('Access-Control-Allow-Origin: http://sub.domain.com');
header('Access-Control-Allow-Credentials: true' );
?>
As you said, unfortunately I think this is out of your control. In fact, the security mechanisms are in place in part to prevent stuff like this from happening (i.e. sapping another servers resources by consuming it's JSON).