Chrome重定向时取消CORS XHR [英] Chrome cancels CORS XHR when redirected
问题描述
我遇到了一个神秘的问题,Chrome在遇到HTTP重定向时会取消跨域AJAX请求.在网络"标签中,它显示为(已取消)",并且响应标题或正文不可用.
I'm having a mysterious issue where Chrome cancels cross-origin AJAX requests when they encounter a HTTP redirect. In the Network tab, it appears as "(canceled)" and the response headers or body are not available.
以下是流程:
- 在http:// 上加载页面
- POST请求登录https:// 上的终结点
- 303回复
- 请求已取消.
这是JS(来自 ajaxtest.html
):
var r = new XMLHttpRequest();
r.open('POST', 'https://dev.example.com/appName-rest/login', true);
r.setRequestHeader('Content-Type', 'application/json; charset=UTF-8');
r.send(JSON.stringify({"username":"myusername","password":"myrealpassword"}));
r.send();
Chrome浏览器的内部网络显示服务器使用以下标头进行了响应:
Chrome's net internals shows that the server responded with these headers:
HTTP/1.1 303 See Other
Date: Thu, 05 Sep 2013 17:54:21 GMT
Server: Apache/2
Access-Control-Allow-Origin: http://dev.example.com
Access-Control-Allow-Credentials: true
Location: https://dev.example.com/appName-rest/j_spring_cas_security_check?ticket=xxxx.example.com
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 52
Connection: close
Content-Type: text/plain; charset=UTF-8
它说:URL_REQUEST_BLOCKED_ON_DELEGATE
And it says: URL_REQUEST_BLOCKED_ON_DELEGATE
有人知道为什么这会失败吗?
Does anyone know why this is failing?
推荐答案
似乎您正在尝试做 CORS规范.
Seems you are trying to do Cross-Origin Request with Preflight, because you setup 'Content-Type': 'application/json'. Preflighted requests with redirects are rejected by CORS specs.
这篇关于Chrome重定向时取消CORS XHR的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!