I'm using
我使用
xhrFields : {
withCredentials: true
}
in jQuery $ajax calls, in order to send session cookies within my queries.
在jQuery $ajax调用中,为了在查询中发送会话cookie。
The call gives a correct status code on my apache logs (401/200 depending if the cookie is set), but Firefox always receives a status=0 (i.e. an error in $.ajax()) If I remove this xhrFields section, status code is OK (but cookies are not sent)
调用在我的apache日志上给出了正确的状态代码(401/200,取决于是否设置了cookie),但是Firefox总是接收到状态=0(即$.ajax()中的错误)
Here's the response object I receive in Firefox with the xhrFields setup:
下面是我在Firefox中通过设置xhrfield收到的响应对象:
{"readyState":0,"responseText":"","status":0,"statusText":"error"}
My Apache config is CORS-enabled, and also allows Access-Control-Allow-Credentials (here are the corresponding HTTP headers)
我的Apache配置是启用内核的,还允许访问控制允许的凭据(以下是相应的HTTP头)
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Is there something missing, either in the AJAX call, or on the webserver config?
在AJAX调用或webserver配置中,是否缺少什么?
NB: This works perfectly fine in Chrome
NB:这在铬合金中非常好用
1 个解决方案
#1
9
You probably have to specify the Access-Control-Allow-Origin header more explicitly than *.
您可能必须比*更明确地指定访问控制允许的源头。
https://developer.mozilla.org/En/HTTP_access_control Requests_with_credentials说:
Important note: when responding to a credentialed request, server must specify a domain, and cannot use wild carding.
重要提示:当响应授权请求时,服务器必须指定一个域,并且不能使用粗梳。