Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

cross site xmlhttprequest with cors

https://www.google.com/accounts/o8/id?id=AItOawmSLjcKel2It1XD4qvMfK6xmV83iybW8l8 edited this page · 14 revisions

Cross-site XMLHttpRequest (XHR) with CORS or "Why am I getting a http OPTION for a GET/POST request?"

like this

  • localhost - - [05/Oct/2011 16:52:10] code 501, message Unsupported method ('OPTIONS')
  • localhost - - [05/Oct/2011 16:52:10] "OPTIONS / HTTP/1.1" 501 -

problem

If you're using HTTPRequest to make requests to a server and receive strange OPTION requests and no answers in the client despite your server receiving the messages ok, maybe your problem is that some new browsers [firefox >3] have a security policy to drop all xmlhttprequest (used in AJAX class) for unauthorized clients.

solution

The solution is simple. change response headers to allow communication with your client.

using web.py, here is an example of server that works: https://gist.github.com/1271118

using Flask, there is an example in the Git repository (examples/misc/flaskexamples/flaskcors), and check out the documentation pyjamaswithpocoo.

I would not make any changes on the client as pyjamas jsonrpc uses XHR for jsonrpc, and therefore, depends on the browser's implementation of XMLHttpRequest.

read more here

Something went wrong with that request. Please try again.