Skip to main content

Bug Tracker

Side navigation

#13487 closed bug (notabug)

Opened February 21, 2013 01:47AM UTC

Closed February 21, 2013 04:48AM UTC

jQuery 1.9.1 not adding custom headers to CORS request

Reported by: jamie-lists@boxlightmedia.com Owned by:
Priority: undecided Milestone: None
Component: unfiled Version: 1.9.1
Keywords: Cc:
Blocked by: Blocking:
Description

When trying to add a custom header to a CORS request, it is being requested by the OPTIONS request but is not being added to the subsequent GET request. Sample code:

 var url = 'http://mycorsenabledserver.com/';
        var token = 'My Token';

        $.ajaxSetup({
            headers: {
                "My-Token": token
            }
        });

        $.ajax({
            url: url,
            type: 'GET',
            crossDomain: true,
            beforeSend: function(request) {
                request.setRequestHeader('My-Token', token); 
            },
            success: function() {
                console.log('success');
            },
            error: function(e) {
                console.log('error');
            }
        });

The OPTIONS request and response:

OPTIONS / HTTP/1.1
Host: mycorsenabledserver.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:19.0) Gecko/20100101 Firefox/19.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://local.api-test.foo.com
Access-Control-Request-Method: GET
Access-Control-Request-Headers: my-token
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx/1.2.5
Date: Wed, 20 Feb 2013 23:49:24 GMT
Content-Type: application/octet-stream
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=20
Content-Length: 0
Content-Type: text/plain
Allow: OPTIONS, DELETE, POST, PUT, GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: my-token, x-requested-with
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Credentials: true

The subsequent GET request:

GET / HTTP/1.1
Host: mycorsenabledserver.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:19.0) Gecko/20100101 Firefox/19.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://local.api-test.foo.com/
Origin: http://local.api-test.foo.com
Connection: keep-alive

Attachments (0)
Change History (2)

Changed February 21, 2013 04:12AM UTC by jamiel comment:1

This was a Firefox specific issues with the header value (token) being empty.

Please close as invalid.

Changed February 21, 2013 04:48AM UTC by timmywil comment:2

resolution: → notabug
status: newclosed

ok