Firefox：具有凭证的跨网域请求返回为空 [英] Firefox: Cross-domain requests with credentials return empty

问题描述

Firefox 使用凭证发送跨网域信息，I可以（使用Charles - HTTP调试的代理）看到服务器发回的响应...但是Firefox不是让我看看（因为缺乏更好的描述）。

Firefox send a cross-domain post with credentials, I can (using Charles - a proxy for HTTP debugging) see that the server is sending back the response… But Firefox isn't "letting me see it" (for lack of a better description).

例如，使用记录的示例：

>>> var invocation = new XMLHttpRequest();
>>> invocation.open('GET', 'http://localhost/~wolever/cookie.php', true);
>>> invocation.withCredentials=true;
>>> invocation.onreadystatechange = console.log;
>>> invocation.send()

>>> invocation.responseText
""
>>> invocation.responseXML
null

但是，Charles告诉我，实际上，返回了预期的响应：

However, Charles tells me that this request has, in fact, returned the expected response:

有什么想法可能会出错吗？

Any idea what could be going wrong?

推荐答案

这是从您链接到的MDC部分的底部：

This is from the bottom of the MDC section you linked to:

重要说明：在响应凭证请求时，服务器必须
指定一个域，并且不能使用通配符。上述示例将失败
，如果标题通配符为：Access-Control-Allow-Origin：*。

Important note: when responding to a credentialed request, server must specify a domain, and cannot use wild carding. The above example would fail if the header was wildcarded as: Access-Control-Allow-Origin: *.

打赌你错过了这一点，它隐藏在一个几个大的示例代码块。

I bet you missed this, it's hidden under a couple big example code blocks.

这篇关于Firefox：具有凭证的跨网域请求返回为空的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！