Databases
StackOverflow2013
Postsdbo
POPlease help test a CORS issue in Firefox jQuery ajax when 401
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POPlease help test a CORS issue in Firefox jQuery ajax when 401
    text
    copied!<p>this is driving me nutters.</p> <p>jQuery 1.4.2, windows XP sp3</p> <p>Here is my test.</p> <p>Load firefox 3.5+</p> <p><a href="http://plungjan.name/test/testcors.html" rel="nofollow noreferrer">http://plungjan.name/test/testcors.html</a></p> <p>works</p> <p>Save the file to harddisk and run from there</p> <p>From my office the external works and the internal does not</p> <p>What is also interesting is that I cannot run both in one go.</p> <p>Background: I do a <strong>GET</strong> to an internal web service that uses <a href="http://www.w3.org/TR/cors/" rel="nofollow noreferrer">CORS</a>. Please do <strong>NOT</strong> post any answers about FF not handling cross domain request when it does since v3.5 as detailed <a href="https://developer.mozilla.org/en/http_access_control" rel="nofollow noreferrer">here</a> and <a href="http://hacks.mozilla.org/2009/07/cross-site-xmlhttprequest-with-cors/" rel="nofollow noreferrer">here</a></p> <p>It works in IE8 and FF3.6.6 from one server to the other and now almost from file system (file:///) to service. <strong>Only</strong> from file system and <strong>only</strong> when FF 3.6.6 needs to negotiate <strong>(the user is already logged in, authorised and sends the credentials!)</strong> do I not get the data after negotiation. jQuery xhr returns status 0 and no data/responseText or whatever Seems to me, jQuery reacts and saves the xhr from the 401 rather than from the 200 OK later</p> <p>Here is the result I get at the end of the communication when I alert the XHR object:</p> <pre><code>Status:success Data:[] XHR: some native functions, readyState:4 status:0 responseXML:null responseText: withCredentials:true </code></pre> <p>if I make a call to the same server but without needing credentials, the data is returned just fine cross domain</p> <p>So the communication is as follows:</p> <pre><code>GET /restapplicationusingcors/authenticationneeded-internal/someid Accept: application/json Accept-Language: en . . Origin: null Cookie: LtpaToken=... </code></pre> <p>the return is </p> <pre><code>HTTP/1.1 401 Unauthorized Server: Apache Pragma: No-cache Cache-Control: no-cache Expires: Thu, 01 Jan 1970 01:00:00 CET WWW-Authenticate: Negotiate Connection: close Transfer-Encoding: chunked Content-Type: text/html </code></pre> <p>Then FF sends</p> <pre><code>GET /restapplicationusingcors/authenticationneeded-internal/someid HTTP/1.1 Host: myhost.myintranet.bla User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6 Accept: application/json Accept-Language: en Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Origin: null Cookie: LtpaToken=.... Authorization: Negotiate .... </code></pre> <p>and is rewarded with the file I need, but cannot get at in FF:</p> <pre><code>HTTP/1.1 200 OK Date: Tue, 20 Jul 2010 12:08:39 GMT Pragma: No-cache Cache-Control: no-cache, max-age=600, s-maxage=3600 Expires: Thu, 01 Jan 1970 01:00:00 CET X-Powered-By: ... Content-Disposition: inline;filename=nnnnnn.json Content-Language: en Access-Control-Allow-Origin: ... Keep-Alive: timeout=6, max=70 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: application/json;charset=UTF-8 </code></pre> <p>THE DATA SENT FROM THE SERVER IS <strong>NOT</strong> IN THE XHR OBJECT </p> <p>Here is my code</p> <pre><code>function getJSON(url,func,lang) { accept = 'application/json'; lang=lang?lang:"*"; // gruesome hack to handle that APPENDS the mime header to */* !!! // NOW HANDLED by first setting Accept to "" !!! // if ($.browser.msie &amp;&amp; url.indexOf('serveAsMime')==-1) { // url+= '?serveAsMime='+accept; // } if (currentRequest != null) currentRequest.abort(); var requestObjectJSON = { url : url, // dataType: "json", method : 'get', beforeSend: function(xhr){ xhr.setRequestHeader('Accept', ""); // IE hack xhr.setRequestHeader('Accept', accept); xhr.setRequestHeader('Accept-Language', lang); if (url.indexOf('-internal') !=-1) { try { xhr.withCredentials = true; alert('set credentials') } catch(e) { alert('cannot set xhr with credentials') } } }, success: function(data,status,xhr) { var responseText = xhr.responseText; var responseJSON = xhr.responseJSON; var t = ""; try{ for (var o in xhr) t += '\n'+o+':'+xhr[o]; } catch(e) { if (e.message.indexOf('.channel')==-1)alert(e.message); } alert('Status:'+status+'\nData:['+data+']\nXHR:'+t); func(responseText); }, } currentRequest = $.ajax(requestObjectJSON); } </code></pre>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload