What triggers "Internet Explorer has modified this page to prevent cross-site scripting"?

I am trying to implement a workaround for the lack of CORS support in Internet Explorer. For GET requests I use JSONP, no problem there. For small POST / DELETE / PUT requests I also use JSONP by tunnelling the request through a GET, but this does not work for large requests (since the length of a GET URL is limited). So for big data I'm trying to POST a form through an iframe. I cannot read the response to this POST because of the same-origin policy, so I get the response through a JSONP GET request after posting the data. Works great, but sometimes I get a strange warning in IE 9:

Internet Explorer has modified this page to help prevent cross-site scripting. 

At first I thought, what the hell is it doing there, because even when this warning appears, everything works correctly. Then I found out that IE replaces the contents of the hidden iframe AFTER the POST response (which I can't read and don't need anyway) with the "#" symbol.

So my workaround still works even when this warning appears, but I would like to know what exactly causes it, so that maybe I can change my temporary CORS solution to get rid of it. Any clues?

+6

1 answer

You can configure the X-XSS-Protection header on your server. This lets you disable IE's XSS protection for your site.

+9

Source: https://habr.com/ru/post/918148/
