Side navigation
#13487 closed bug (notabug)
Opened February 21, 2013 01:47AM UTC
Closed February 21, 2013 04:48AM UTC
jQuery 1.9.1 not adding custom headers to CORS request
Reported by: | jamie-lists@boxlightmedia.com | Owned by: | |
---|---|---|---|
Priority: | undecided | Milestone: | None |
Component: | unfiled | Version: | 1.9.1 |
Keywords: | Cc: | ||
Blocked by: | Blocking: |
Description
When trying to add a custom header to a CORS request, it is being requested by the OPTIONS request but is not being added to the subsequent GET request. Sample code:
var url = 'http://mycorsenabledserver.com/'; var token = 'My Token'; $.ajaxSetup({ headers: { "My-Token": token } }); $.ajax({ url: url, type: 'GET', crossDomain: true, beforeSend: function(request) { request.setRequestHeader('My-Token', token); }, success: function() { console.log('success'); }, error: function(e) { console.log('error'); } });
The OPTIONS request and response:
OPTIONS / HTTP/1.1 Host: mycorsenabledserver.com User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:19.0) Gecko/20100101 Firefox/19.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Origin: http://local.api-test.foo.com Access-Control-Request-Method: GET Access-Control-Request-Headers: my-token Connection: keep-alive HTTP/1.1 200 OK Server: nginx/1.2.5 Date: Wed, 20 Feb 2013 23:49:24 GMT Content-Type: application/octet-stream Content-Length: 0 Connection: keep-alive Keep-Alive: timeout=20 Content-Length: 0 Content-Type: text/plain Allow: OPTIONS, DELETE, POST, PUT, GET Access-Control-Allow-Origin: * Access-Control-Allow-Headers: my-token, x-requested-with Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS Access-Control-Allow-Credentials: true
The subsequent GET request:
GET / HTTP/1.1 Host: mycorsenabledserver.com User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:19.0) Gecko/20100101 Firefox/19.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://local.api-test.foo.com/ Origin: http://local.api-test.foo.com Connection: keep-alive
This was a Firefox specific issues with the header value (token) being empty.
Please close as invalid.