All geek questions in one place

IE throwing Error with regular ajax request

I have a problem with the Facebook page I created.

The website works fine in Chrome and Firefox, but I have a problem when I try to do something simple in IE.

[BASE URL: http://domain.com/]
[REQ URL: http://domain.com/request]

What I'm trying to do is make a simple ajax request from my BASE-URL server to my server again on the REQ URL, in Chrome or Firefox I get the expected result, IE, however I get a couple of errors and warnings.

The warnings are as follows (without confidential domain information)

SEC7118: XMLHttpRequest for https://www.facebook.com/dialog/oauth?client_id=APP_ID&redirect_uri=URL_ENCODED_REDIRECT_URI required Cross Origin Resource Sharing (CORS). SEC7119: XMLHttpRequest for https://www.facebook.com/dialog/oauth?client_id=APP_ID&redirect_uri=URL_ENCODED_REDIRECT_URI required CORS preflight.

The errors are as follows

 SEC7120: Origin http://domain.com not found in Access-Control-Allow-Origin header. SCRIPT7002: XMLHttpRequest: Network Error 0x80070005, Access is denied.

I have done a lot of research on these errors, and I know that they are related to Cross Origin Control and make requests from one domain that does not correspond to another. The strange thing is that both of my domains are the same, so CORS should not be used. I canโ€™t understand what Iโ€™m missing. I read at least 20 articles about stack overflows, and none of them could exactly solve my problem.

/ request / in REQ_URL is a method that is called from the controller, all I need is a call to this method, there is nothing special about it, it is a simple PHP function.

 function request() { return 'you win!'; }

ajax uses jQuery to make the request a specific $ .get method, this is my code:

 $.get('/request', function(response){ console.log(response); });

I do not get an answer.

I also tried this with $ .ajax and by calling the full method, I get the text status type returned by 'error'. I expect this to be the result of the error above.

I read and understood the articles as follows:

Resource Sharing Policies of Same Origin

In accordance with a policy of the same origin, I should not be attached to CORS, and my request for receipt should work, or I am missing something.

Any help is appreciated.

['UPDATE']

I found that the above errors occur only when inside facebook (tab on the Facebook page) this โ€œI thinkโ€ is the result of the iframe being from the domain โ€œ http://static.ak.facebook.com/ โ€ and my domain " http://domain.com " This violates the policy of the same origin. It is very annoying because when ajax call is called, they are sent from http://static.ak.facebook.com/ "to" http://domain.com "where I get Cross-origin policy errors.

I still don't know how to fix this problem.

+4
source share
1 answer

Not a lot of votes, Not a lot of views.

I found a problem and solution.

In my particular case, I used sessions to process information on the server side, which happened when the session was not saved in IE, because some of my other codes redirected his ajax request to another domain (facebook.com), which leads to a cross request request domain that you see above.

Decision:

I found out that IE does not like to go through ajax sessions, but you can say that it would be nice if you follow other modern browsers, and it was as easy as adding a P3P header.

Add this to your code before sending the request, and session variables should be sent in the requests.

  header('P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"');

I ended up rewriting my application without so many session dependencies, but that was certainly a good tutorial about IE and how it transfers sessions through ajax.

+1
source

Source: https://habr.com/ru/post/1496977/

More articles:


All Articles