warpdesign
09 Sep 2010, 11:30 AM
I started using Cross Origin posts and I'm having problems with redirections (302).
Here is what I'm doing:
client side:
var req = new XMLHttpRequest();
req.open('POST', 'http://www.server1.com/index.php', true);
req.onreadystatechange = function (aEvt)
{
if (req.readyState == 4)
{
if (req.status == 200)
{
console.log(req.responseText);
}
else
{
console.log('oops');
console.log("Error loading page, status=", req.status);
}
}
};
req.send(null);
http://www.server1.fr/index.php contains the following code:
<?php
header('Access-Control-Allow-Origin: '.$_SERVER['HTTP_ORIGIN']);
header('Access-Control-Allow-Methods: GET, POST');
header('Location: http://www.server2.fr/index.php');
?>
<div>foo</div>
http://www.server2.fr/index.php contains the following code:
<?php
header('Access-Control-Allow-Origin: '.$_SERVER['HTTP_ORIGIN']);
header('Access-Control-Allow-Methods: GET, POST');
?>
<div>foo</div>
With Firefox 3.6.9, when doing a GET, it works as expected, returning "<div>foo</div>".
However, when using a POST instead of the GET, it returns an error, with status = 0 (doesn't really help :))
When not doing the redirect, but directly returning data from server1, it works as expected.
I tried with Chrome/Safari, and it seems the 302 doesn't work at all with these browsers (both GET and POST fail when using redirect). However when returning data from server1 (that is without using a 302 redirection), it works, like Firefox.
What could be wrong ? Is 302 supported using Cross-Origin ? Maybe some more headers need to be added ?
Thanks.
Here is what I'm doing:
client side:
var req = new XMLHttpRequest();
req.open('POST', 'http://www.server1.com/index.php', true);
req.onreadystatechange = function (aEvt)
{
if (req.readyState == 4)
{
if (req.status == 200)
{
console.log(req.responseText);
}
else
{
console.log('oops');
console.log("Error loading page, status=", req.status);
}
}
};
req.send(null);
http://www.server1.fr/index.php contains the following code:
<?php
header('Access-Control-Allow-Origin: '.$_SERVER['HTTP_ORIGIN']);
header('Access-Control-Allow-Methods: GET, POST');
header('Location: http://www.server2.fr/index.php');
?>
<div>foo</div>
http://www.server2.fr/index.php contains the following code:
<?php
header('Access-Control-Allow-Origin: '.$_SERVER['HTTP_ORIGIN']);
header('Access-Control-Allow-Methods: GET, POST');
?>
<div>foo</div>
With Firefox 3.6.9, when doing a GET, it works as expected, returning "<div>foo</div>".
However, when using a POST instead of the GET, it returns an error, with status = 0 (doesn't really help :))
When not doing the redirect, but directly returning data from server1, it works as expected.
I tried with Chrome/Safari, and it seems the 302 doesn't work at all with these browsers (both GET and POST fail when using redirect). However when returning data from server1 (that is without using a 302 redirection), it works, like Firefox.
What could be wrong ? Is 302 supported using Cross-Origin ? Maybe some more headers need to be added ?
Thanks.