Firefox send a cross-domain post with credentials, I can (using Charles - a proxy for HTTP debugging) see that the server is sending back the response… But Firefox isn't "letting me see it" (for lack of a better description).
For example, using the documented example:
>>> var invocation = new XMLHttpRequest(); >>> invocation.open('GET', 'http://localhost/~wolever/cookie.php', true); >>> invocation.withCredentials=true; >>> invocation.onreadystatechange = console.log; >>> invocation.send() http://img.skitch.com/20100113-bq3a4qb1ufn52331x18ce3c7xu.png >>> invocation.responseText "" >>> invocation.responseXML null
However, Charles tells me that this request has, in fact, returned the expected response:
http://img.skitch.com/20100113-njakyu4xequ5e3cyfhfnyeatq5.png
Any idea what could be going wrong?
And, incase it helps: the same request without credentials returns data as it should.
This is from the bottom of the MDC section you linked to:
Important note: when responding to a credentialed request, server must specify a domain, and cannot use wild carding. The above example would fail if the header was wildcarded as: Access-Control-Allow-Origin: *.
I bet you missed this, it's hidden under a couple big example code blocks.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With