Changes between Initial Version and Version 4 of Ticket #12698
- Timestamp:
- Feb 14, 2013, 11:22:29 AM (10 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #12698
-
Property
Status
changed from
new
toclosed
-
Property
Resolution
changed from
to
notabug
-
Property
Status
changed from
-
Ticket #12698 – Description
initial v4 1 1 This code generates a proper CORS preflight request due to the setting of the Authorization header: 2 2 3 (function() { x = new XMLHttpRequest(); x.open('POST','https://' + document.domain,false); x.onreadystatechange = function() { if(x.readyState === 4) console.info(x.responseText); }; x.setRequestHeader('Authorization', "test"); x.send(''); })(); 3 {{{#!js 4 (function() { 5 x = new XMLHttpRequest(); 6 x.open('POST','https://' + document.domain,false); 7 x.onreadystatechange = function() { 8 if( x.readyState === 4 ) { 9 console.info(x.responseText); 10 } 11 }; 12 x.setRequestHeader('Authorization', "test"); 13 x.send(''); 14 })(); 15 }}} 4 16 5 17 This code generates a broken CORS preflight request (at least in Chrome): 6 18 7 (function() { $.ajax({ url: 'https://' + document.domain, method: 'POST', headers: { Authorization: 'test' }, success: function(text) { console.info(text); } }); })(); 19 {{{#!js 20 (function() { 21 $.ajax({ 22 url: 'https://' + document.domain, 23 method: 'POST', 24 headers: { 25 Authorization: 'test' 26 }, 27 success: function(text) { 28 console.info(text); 29 } 30 }); 31 })(); 32 }}} 8 33 9 34 I believe this may be a bug