我用
xhrFields : {
withCredentials: true
}
在jQuery的$ ajax调用,以我的查询中发送会话cookie。
in jQuery $ajax calls, in order to send session cookies within my queries.
通话给我的Apache日志(二百分之四百○一取决于如果cookie设置)一个正确的状态code,但Firefox总是收到一个状态= 0(即$。阿贾克斯()中的错误) 如果我删除此xhrFields区,状态code是确定(但Cookie不会发送)
The call gives a correct status code on my apache logs (401/200 depending if the cookie is set), but Firefox always receives a status=0 (i.e. an error in $.ajax()) If I remove this xhrFields section, status code is OK (but cookies are not sent)
下面是我收到的Firefox与xhrFields设置响应对象:
Here's the response object I receive in Firefox with the xhrFields setup:
{"readyState":0,"responseText":"","status":0,"statusText":"error"}
我的Apache的配置是CORS功能,并且还允许访问控制,允许-凭证(这里有相应的HTTP头)
My Apache config is CORS-enabled, and also allows Access-Control-Allow-Credentials (here are the corresponding HTTP headers)
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
有缺什么,无论是在AJAX调用,或在Web服务器上的配置?
Is there something missing, either in the AJAX call, or on the webserver config?
注:这工作完全正常的Chrome浏览器
NB: This works perfectly fine in Chrome
您可能要更明确地指定的访问控制 - 允许 - 产地标头不是*。
You probably have to specify the Access-Control-Allow-Origin header more explicitly than *.
https://developer.mozilla.org/En/HTTP_access_control#Requests_with_credentials说:
重要提示:当响应资格的请求,服务器 必须指定一个域,而不能使用野生梳理。
Important note: when responding to a credentialed request, server must specify a domain, and cannot use wild carding.