W3C home > Mailing lists > Public > public-webapps@w3.org > October to December 2011

Re: [cors] what's an example a simple request with credentials?

From: Jarred Nicholls <jarred@sencha.com>
Date: Fri, 23 Dec 2011 11:13:34 -0500
Message-ID: <CANufG2P9W2aQgVoa_NbiaCD0tP1R11y+7SbePK67mgRSqSwK5w@mail.gmail.com>
To: Benson Margulies <bimargulies@gmail.com>
Cc: public-webapps@w3.org
On Fri, Dec 23, 2011 at 11:03 AM, Benson Margulies <bimargulies@gmail.com>wrote:

> I am failing to come up with a sequence of calls to XMLHttpRequest
> that will trigger credential processing while remaining a simple
> request. Explicit credentials passed to open() are prohibited for all
> cross-origin requests,


Have you set withCredentials = true; ?


> and url-embedded credentials seem to trigger
> the same prohibition. An Authorization header is non-simple.
> Certificates would be rather gigantically difficult in the testing
> environment I'm working with. There's talk of cookies, but those would
> also make the request non-simple, wouldn't they?
>
>


-- 
................................................................

*Sencha*
Jarred Nicholls, Senior Software Architect
@jarrednicholls
<http://twitter.com/jarrednicholls>
Received on Friday, 23 December 2011 16:14:28 GMT

This archive was generated by hypermail 2.3.1 : Tuesday, 26 March 2013 18:49:49 GMT