Skip to main content

Bug Tracker

Side navigation

#11624 closed bug (duplicate)

Opened April 23, 2012 07:22PM UTC

Closed May 05, 2012 04:08PM UTC

Last modified May 05, 2012 04:09PM UTC

CORS support: xhr.getResponseHeader('non-simple-header') returns null on Firefox even when header is one of the Access-Control-Expose-Headers.

Reported by: Owned by:
Priority: undecided Milestone: None
Component: unfiled Version: 1.7.2
Keywords: Cc:
Blocked by: Blocking:

Specific use case where this was confirmed:

My site domain (e.g. is calling my API subdomain (e.g. to POST data via ajax that results in a 201 response containing a Location header value. 'Location' is not a simple header, so it is listed as required by CORS as one of the Access-Control-Expose-Headers.

The Location header value *is* accessible with jQuery via xhr.getResponseHeader('Location') on Chrome (v18) but *NOT* on Firefox (v11). On Firefox, null is consistently returned. Note I am able to access the Location header value on Firefox if I use the native XMLHttpRequest API.

I haven't had a chance to test on any other browsers.

Attachments (0)
Change History (3)

Changed April 23, 2012 08:35PM UTC by anonymous comment:1

After some investigation I see from the source that jQuery calls nativeXhr.getResponseAllHeaders() to build the header list used by jqXhr.getResponseHeader("") and that the native getResponseAllHeaders() function is completely broken on Firefox when invoked in a CORS context. So I can see how jQuery's hands are somewhat tied here, as alluded to at

It might be worth adding to your documentation how to access 'non-simple-headers' since the patch you suggest only provides support for simple headers.

Changed May 05, 2012 04:08PM UTC by dmethvin comment:2

resolution: → duplicate
status: newclosed

Changed May 05, 2012 04:09PM UTC by dmethvin comment:3

Duplicate of #10338.