CORS-preflight for GET-request with Authorization-header!?

2 个回答
1 人有此问题
23 次查看
最后回复者为 kimabrandt

8 年前

kimabrandt

10/7/15, 7:26 PM

Build identifier: Mozilla/5.0 (X11; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0 Iceweasel/40.0.3

Would you consider Firefox sending a CORS-preflight for a GET-request with an Authorization-header a bug?

Example:

   var xhr = new XMLHttpRequest();
   xhr.open("GET", "http://localhost/", true);
   xhr.setRequestHeader("Authorization", "Basic dXNlcm5hbWU6cGFzc3dvcmQ=");
   xhr.send(null);

Which gives me an unexpected preflight:

   OPTIONS XHR http://localhost/ [HTTP/1.1 200 OK 3ms]
   GET XHR http://localhost/ [HTTP/1.1 200 OK 221ms]

/Kim

Build identifier: Mozilla/5.0 (X11; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0 Iceweasel/40.0.3 Would you consider Firefox sending a CORS-preflight for a GET-request with an Authorization-header a bug? Example: var xhr = new XMLHttpRequest(); xhr.open("GET", "http://localhost/", true); xhr.setRequestHeader("Authorization", "Basic dXNlcm5hbWU6cGFzc3dvcmQ="); xhr.send(null); Which gives me an unexpected preflight: OPTIONS XHR http://localhost/ [HTTP/1.1 200 OK 3ms] GET XHR http://localhost/ [HTTP/1.1 200 OK 221ms] /Kim

Answer 1 · 2015-10-07 19:26:24

guigs

10/9/15, 8:16 AM

I am not getting that. I might try updating.

由guigs于October 9, 2015, 8:17:02 AM PDT修改

Answer 2 · 2015-10-07 19:26:24

kimabrandt 提问者

10/9/15, 10:46 PM

guigs said

I am not getting that. I might try updating.

Could you delete this question? I will instead move it to one of the newsgroups.

搜索 | 用户支持

CORS-preflight for GET-request with Authorization-header!?

所有回复 (2)

提问

浏览我们的帮助文章

Mozilla 账户

搜索 | 用户支持

CORS-preflight for GET-request with Authorization-header!?

所有回复 (2)