Chrome and Firefox CORS AJAX calls get aborted on some Mac machines

Question

We have a webpage at www.saddleback.com/live and Chrome and Firefox CORS AJAX calls get aborted on some Mac machines. On a Mac with OSX 10.9 (latest updates), Chrome and Firefox (with latest updates) the AJAX call to http://api.saddleback.com/WorshipService?version=2&null&_=1386201207191 gets aborted. This works on Safari.

This behavior is isolated but reproducible on some machines but not others. We have other Mac machines with identical OS and browser version that successfully bring up the webpage.

I have verified that the web server successfully responds to the AJAX request within 500 milliseconds. Yet Chrome hangs on waiting for the response for ~30 seconds and eventually aborts the call. I've included a the chrome://net-internals for the failed call below:

11645: URL_REQUEST
http://api.saddleback.com/WorshipService?version=2&null&_=1386201207191
Start Time: 2013-12-04 15:53:27.469

t=1386201207469 [st=    0] +REQUEST_ALIVE  [dt=30398]
t=1386201207470 [st=    1]   +URL_REQUEST_START_JOB  [dt=30397]
                              --> load_flags = 143540480 (DO_NOT_SAVE_COOKIES | DO_NOT_SEND_AUTH_DATA | DO_NOT_SEND_COOKIES | ENABLE_LOAD_TIMING | MAYBE_USER_GESTURE | REPORT_RAW_HEADERS | VERIFY_EV_CERT)
                              --> method = "GET"
                              --> priority = 2
                              --> url = "http://api.saddleback.com/WorshipService?version=2&null&_=1386201207191"
t=1386201207470 [st=    1]      HTTP_CACHE_GET_BACKEND  [dt=0]
t=1386201207470 [st=    1]      HTTP_CACHE_OPEN_ENTRY  [dt=0]
                                --> net_error = -2 (ERR_FAILED)
t=1386201207470 [st=    1]      HTTP_CACHE_CREATE_ENTRY  [dt=0]
t=1386201207470 [st=    1]      HTTP_CACHE_ADD_TO_ENTRY  [dt=0]
t=1386201207470 [st=    1]     +HTTP_STREAM_REQUEST  [dt=2]
t=1386201207472 [st=    3]        HTTP_STREAM_REQUEST_BOUND_TO_JOB
                                  --> source_dependency = 11647 (HTTP_STREAM_JOB)
t=1386201207472 [st=    3]     -HTTP_STREAM_REQUEST
t=1386201207472 [st=    3]     +HTTP_TRANSACTION_SEND_REQUEST  [dt=0]
t=1386201207472 [st=    3]        HTTP_TRANSACTION_SEND_REQUEST_HEADERS
                                  --> GET /WorshipService?version=2&null&_=1386201207191 HTTP/1.1
                                      Host: api.saddleback.com
                                      Connection: keep-alive
                                      Accept: application/json, text/javascript, */*; q=0.01
                                      Origin: http://www.saddleback.com
                                      User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
                                      Content-Type: application/json
                                      Referer: http://www.saddleback.com/onlinecampus/
                                      Accept-Encoding: gzip,deflate,sdch
                                      Accept-Language: en-US,en;q=0.8
t=1386201207472 [st=    3]     -HTTP_TRANSACTION_SEND_REQUEST
t=1386201207472 [st=    3]     +HTTP_TRANSACTION_READ_HEADERS  [dt=30395]
t=1386201207472 [st=    3]       +HTTP_STREAM_PARSER_READ_HEADERS  [dt=30395]
t=1386201237867 [st=30398]          CANCELLED
t=1386201237867 [st=30398]   -URL_REQUEST_START_JOB
                              --> net_error = -3 (ERR_ABORTED)
t=1386201237867 [st=30398] -REQUEST_ALIVE

Here is the request and response from Wireshark:

REQUEST

GET /WorshipService?version=2&null&_=1386192341441 HTTP/1.1
    [Expert Info (Chat/Sequence): GET /WorshipService?version=2&null&_=1386192341441 HTTP/1.1]
        [Message: GET /WorshipService?version=2&null&_=1386192341441 HTTP/1.1]
        [Severity level: Chat]
        [Group: Sequence]
    Request Method: GET
    Request URI: /WorshipService?version=2&null&_=1386192341441
    Request Version: HTTP/1.1
Host: api.saddleback.com
Connection: keep-alive
Cache-Control: max-age=0
Accept: application/json, text/javascript, */*; q=0.01
Origin: http://www.saddleback.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.57 Safari/537.36
Content-Type: application/json
Referer: http://www.saddleback.com/onlinecampus/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8

RESPONSE

HTTP/1.1 200 OK
    [Expert Info (Chat/Sequence): HTTP/1.1 200 OK]
        [Message: HTTP/1.1 200 OK]
        [Severity level: Chat]
        [Group: Sequence]
    Request Version: HTTP/1.1
    Status Code: 200
    Response Phrase: OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.5
Access-Control-Allow-Origin: http://www.saddleback.com
Access-Control-Allow-Credentials: true
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 04 Dec 2013 21:25:41 GMT
Content-Length: 2841
    [Content length: 2841]
Set-Cookie: NSC_ndxfc1-45*80=ffffffffaf181c9545525d5f4f58455e445a4a423660;expires=Wed, 04-Dec-2013 14:44:34 GMT;path=/;httponly

I have spent too much time trying to figure out why this is failing on some Mac configuration and not others. Any help would be much appreciated.

Answer 1

After spending a very long time looking at low level network packets to try and find the issue. It turned out that the virus scanner was blocking the call. Turning off the web scanning, it started working.

In short Sophos was blocking api.saddleback.com on Firefox and Chrome, but not on Safari. Go figure.