Ticket #11624 (closed bug: duplicate)
CORS support: xhr.getResponseHeader('non-simple-header') returns null on Firefox even when header is one of the Access-Control-Expose-Headers.
| Reported by: | keith.donald@… | Owned by: | |
|---|---|---|---|
| Priority: | undecided | Milestone: | None |
| Component: | unfiled | Version: | 1.7.2 |
| Keywords: | Cc: | ||
| Blocking: | Blocked by: |
Description
Specific use case where this was confirmed:
My site domain (e.g. domain.com) is calling my API subdomain (e.g. api.domain.name) to POST data via ajax that results in a 201 response containing a Location header value. 'Location' is not a simple header, so it is listed as required by CORS as one of the Access-Control-Expose-Headers.
The Location header value *is* accessible with jQuery via xhr.getResponseHeader('Location') on Chrome (v18) but *NOT* on Firefox (v11). On Firefox, null is consistently returned. Note I am able to access the Location header value on Firefox if I use the native XMLHttpRequest API.
I haven't had a chance to test on any other browsers.
Change History
Please follow the bug reporting guidlines and use jsFiddle when providing test cases and demonstrations instead of pasting the code in the ticket.
After some investigation I see from the source that jQuery calls nativeXhr.getResponseAllHeaders() to build the header list used by jqXhr.getResponseHeader("") and that the native getResponseAllHeaders() function is completely broken on Firefox when invoked in a CORS context. So I can see how jQuery's hands are somewhat tied here, as alluded to at http://bugs.jquery.com/ticket/10338.
It might be worth adding to your documentation how to access 'non-simple-headers' since the patch you suggest only provides support for simple headers.