Friday, August 3, 2018

javascript - Firefox 'Cross-Origin Request Blocked' despite headers




I'm trying to make a simple cross-origin request, and Firefox is consistently blocking it with this error:




Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at [url]. This can be fixed by moving the resource to the same domain or enabling CORS. [url]




It works fine in Chrome and Safari.



As far as I can tell I've set all the correct headers on my PHP to allow this to work. Here's what my server is responding with




HTTP/1.1 200 OK
Date: Mon, 23 Jun 2014 17:15:20 GMT
Server: Apache/2.2.22 (Debian)
X-Powered-By: PHP/5.4.4-14+deb7u8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Request-Headers: X-Requested-With, accept, content-type
Vary: Accept-Encoding

Content-Length: 186
Content-Type: text/html


I've tried using Angular, jQuery, and a basic XMLHTTPRequest object, like so:



var data = "id=1234"
var request = new XMLHttpRequest({mozSystem: true})
request.onload = onSuccess;
request.open('GET', 'https://myurl.com' + '?' + data, true)

request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded')
request.send()


...and it works in every browser except Firefox. Can anyone help with this?


Answer



Turns out this has nothing to do with CORS- it was a problem with the security certificate. Misleading errors = 4 hours of headaches.


No comments:

Post a Comment

plot explanation - Why did Peaches' mom hang on the tree? - Movies & TV

In the middle of the movie Ice Age: Continental Drift Peaches' mom asked Peaches to go to sleep. Then, she hung on the tree. This parti...