- From: Paula Decker <paulad@rmi.net>
- Date: Thu, 16 Jun 2011 15:14:31 -0400 (GMT-04:00)
- To: public-webapps@w3.org
Hello, I have written a c# application that uses the HttpListener class. This class is embedded in the IIS server, but is also available for use by c# developers. This class allows the developer to create an application that can receive Http requests and send back Http responses. Recently, I have seen the need for this application to accept certain cross-domain resource sharing connections if they are from a designated server. I've read that IE8 automatically handles the protocol to send a CORS request (i.e. supplies the header, Origin: <http:abc.com> for example). This occurs when the caller uses the XMLHttpRequest javascript object. I have not verified this. The article also states that although the javascript does not need to change, the server code must change. If this is true, then I want my server to send the header, Access-Control-Allow-Origin: <http:abc.com> back to the originator. The problem is that the HttpListener object has a method, getContext where it can receive a request. Can I assume that the header has been set in this request? If so, I can return Access-Control-Allow-Origin back. At this point, does the requestor need to send me a new request to contain the actual request...how does it work? Thank you for any help you can give. If you have an example, that would be great! Sincerely, PDecker
Received on Sunday, 19 June 2011 00:40:32 UTC