I'm trying to request a google sheet from the client in javascript, using jquery ajax.
The following code works in Chrome but fails in Firefox.
Question : how can I get it to work in Firefox?
If it's a server configuration issue then does this mean it's impossible to link to google drive documents from a firefox client?
Here is the code:
var url = 'http://docs.google.com/spreadsheets/export?id=1-on_GfmvaEcOk7HcWfKb8B6KFRv166RkLN2YmDEtDn4&exportFormat=csv';
$.ajax({
url : url,
type : 'GET',
dataType : 'text',
success : function(res, status){
console.log('status : ' + status);
console.log(res);
},
error : function(res, status, error){
console.log('status : ' + status);
console.log(res);
console.log(error);
}
});
In Chrome I get a 307 response then a 200 with the desired data. In Firefox I get a only a 200 response but with the error message something like "Access-Control-Allow-Origin header missing, Same Origin Policy does not allow to fetch this resource".
The problem is that docs.google.com
does not set CORS headers on redirects. And Chrome is not following the specification by not enforcing that and therefore has a security bug of sorts.
docs.google.com
is in Chrome's HSTS preload list. The request to http://docs.google.com
is transparently rewritten to https://docs.google.com
, so no redirect happens.
I assume this will resolve itself if Firefox pulls an updated copy of the HSTS preload list. As Anne notes, simply changing the link to https
directly will solve your use case.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With