请帮助测试一个CORS问题在Firefox jQuery ajax当401 [英] Please help test a CORS issue in Firefox jQuery ajax when 401
问题描述
这是驱动我的动物。
jQuery 1.4.2,windows XP sp3
测试。
加载firefox 3.5 +
http://plungjan.name/test/testcors.html
工作
将文件保存到硬盘并从那里运行
从我的办公室外部工程和内部
$背景:
我做一个 > GET 到使用 CORS 的内部网络服务。
请按不发布任何关于FF不处理跨域请求的任何答案,因为v3.5以后详细此处和这里
它在IE8和FF3.6.6中从一个服务器到另一个,现在几乎从文件系统(file:///)到服务。
当FF 3.6.6需要协商(用户已登录,授权并发送凭据!)时,仅来自文件系统和仅 我无法在协商后获取数据。 jQuery xhr返回状态0,没有数据/ responseText或任何
看起来像我,jQuery反应和保存xhr从401而不是从200 OK以后
这是我在通知结束时得到的警告XHR对象的结果:
状态:success
数据:[]
XHR:
一些本机函数,
readyState:4
status:0
responseXML:null
responseText:
withCredentials:true
如果我调用同一个服务器但不需要凭据,因此通信如下:
GET / restapplicationusingcors / authenticationneeded-internal / someid
Accept:application / json
Accept-Language:en
。
。
原产地:null
Cookie:LtpaToken = ...
HTTP / 1.1 401未授权
服务器:Apache
Pragma: - 控制:no-cache
到期日:Thu,01 Jan 1970 01:00:00 CET
WWW认证:Negotiate
连接:close
传输编码:分块
Content-Type:text / html
然后FF发送
GET / restapplicationusingcors / authenticationneeded-internal / someid HTTP / 1.1
主机:myhost.myintranet.bla
用户代理:Mozilla / 5.0 Windows; Windows NT 5.1; en-US; rv:1.9.2.6)Gecko / 20100625 Firefox / 3.6.6
接受:application / json
接受语言:en
Accept-编码:gzip,deflate
Accept-Charset:ISO-8859-1,utf-8; q = 0.7,*; q = 0.7
Keep-Alive:115
连接:keep-alive
原产地:null
Cookie:LtpaToken = ....
授权:Negotiate ....
并获得我需要的文件,但无法在FF中获取:
HTTP /1.1 200 OK
日期:Tue,20 Jul 2010 12:08:39 GMT
Pragma:无缓存
缓存控制:no-cache,max-age = 600,s- maxage = 3600
Expires:Thu,01 Jan 1970 01:00:00 CET
X-Powered-By:...
Content-Disposition:inline; filename = nnnnnn.json
Content-Language:en
Access-Control-Allow-Origin:...
Keep-Alive:timeout = 6,max = 70
连接:Keep-Alive
传输编码:chunked
Content-Type:application / json; charset = UTF-8
从服务器发送的数据不是在XHR对象
这里是我的代码
function getJSON(url,func,lang){
accept ='application / json';
lang = lang?lang:*;
//可怕的hack处理那个附加mime头到* / *!
//现在通过第一设置处理接受!
// if($ .browser.msie& url.indexOf('serveAsMime')== - 1){
// url + ='?serveAsMime ='+ accept;
//}
if(currentRequest!= null)currentRequest.abort();
var requestObjectJSON = {
url:url,
// dataType:json,
method:'get',
beforeSend:function(xhr){
xhr.setRequestHeader('Accept',); // IE hack
xhr.setRequestHeader('Accept',accept);
xhr.setRequestHeader('Accept-Language',lang);
if(url.indexOf(' - internal')!= - 1){
try {
xhr.withCredentials = true;
alert('set credentials')
}
catch(e){
alert('不能设置xhr凭证')
}
}
},
success:function(data,status,xhr){
var responseText = xhr.responseText;
var responseJSON = xhr.responseJSON;
var t =;
try {
for(var o in xhr)t + ='\\\
'+ o +':'+ xhr [o];
}
catch(e){
if(e.message.indexOf('。channel')== - 1)alert(e.message);
}
alert('Status:'+ status +'\\\
Data:['+ data +'] \\\
XHR:'+ t);
func(responseText);
},
}
currentRequest = $ .ajax(requestObjectJSON);
}
黑暗,因为我不完全了解你的问题,但我想你可能有一个问题与 file:
URL,不被视为有任何 origin。我不确定是否可以 从文件网址授权CORS。
this is driving me nutters.
jQuery 1.4.2, windows XP sp3
Here is my test.
Load firefox 3.5+
http://plungjan.name/test/testcors.html
works
Save the file to harddisk and run from there
From my office the external works and the internal does not
What is also interesting is that I cannot run both in one go.
Background: I do a GET to an internal web service that uses CORS. Please do NOT post any answers about FF not handling cross domain request when it does since v3.5 as detailed here and here
It works in IE8 and FF3.6.6 from one server to the other and now almost from file system (file:///) to service. Only from file system and only when FF 3.6.6 needs to negotiate (the user is already logged in, authorised and sends the credentials!) do I not get the data after negotiation. jQuery xhr returns status 0 and no data/responseText or whatever Seems to me, jQuery reacts and saves the xhr from the 401 rather than from the 200 OK later
Here is the result I get at the end of the communication when I alert the XHR object:
Status:success
Data:[]
XHR:
some native functions,
readyState:4
status:0
responseXML:null
responseText:
withCredentials:true
if I make a call to the same server but without needing credentials, the data is returned just fine cross domain
So the communication is as follows:
GET /restapplicationusingcors/authenticationneeded-internal/someid
Accept: application/json
Accept-Language: en
.
.
Origin: null
Cookie: LtpaToken=...
the return is
HTTP/1.1 401 Unauthorized
Server: Apache
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 01:00:00 CET
WWW-Authenticate: Negotiate
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
Then FF sends
GET /restapplicationusingcors/authenticationneeded-internal/someid HTTP/1.1
Host: myhost.myintranet.bla
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6
Accept: application/json
Accept-Language: en
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Origin: null
Cookie: LtpaToken=....
Authorization: Negotiate ....
and is rewarded with the file I need, but cannot get at in FF:
HTTP/1.1 200 OK
Date: Tue, 20 Jul 2010 12:08:39 GMT
Pragma: No-cache
Cache-Control: no-cache, max-age=600, s-maxage=3600
Expires: Thu, 01 Jan 1970 01:00:00 CET
X-Powered-By: ...
Content-Disposition: inline;filename=nnnnnn.json
Content-Language: en
Access-Control-Allow-Origin: ...
Keep-Alive: timeout=6, max=70
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
THE DATA SENT FROM THE SERVER IS NOT IN THE XHR OBJECT
Here is my code
function getJSON(url,func,lang) {
accept = 'application/json';
lang=lang?lang:"*";
// gruesome hack to handle that APPENDS the mime header to */* !!!
// NOW HANDLED by first setting Accept to "" !!!
// if ($.browser.msie && url.indexOf('serveAsMime')==-1) {
// url+= '?serveAsMime='+accept;
// }
if (currentRequest != null) currentRequest.abort();
var requestObjectJSON = {
url : url,
// dataType: "json",
method : 'get',
beforeSend: function(xhr){
xhr.setRequestHeader('Accept', ""); // IE hack
xhr.setRequestHeader('Accept', accept);
xhr.setRequestHeader('Accept-Language', lang);
if (url.indexOf('-internal') !=-1) {
try {
xhr.withCredentials = true;
alert('set credentials')
}
catch(e) {
alert('cannot set xhr with credentials')
}
}
},
success: function(data,status,xhr) {
var responseText = xhr.responseText;
var responseJSON = xhr.responseJSON;
var t = "";
try{
for (var o in xhr) t += '\n'+o+':'+xhr[o];
}
catch(e) {
if (e.message.indexOf('.channel')==-1)alert(e.message);
}
alert('Status:'+status+'\nData:['+data+']\nXHR:'+t);
func(responseText);
},
}
currentRequest = $.ajax(requestObjectJSON);
}
This is a stab in the dark since I don't fully understand your problem, but I think you might be having a problem with file:
URLs, which are not treated as having any origin. I'm not sure it's even possible to authorize CORS from a file URL.
这篇关于请帮助测试一个CORS问题在Firefox jQuery ajax当401的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!