Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
mayorovp2013-08-13 15:42:28
JavaScript
mayorovp, 2013-08-13 15:42:28

How to make a cross-domain redirect in an AJAX request?

The following script is used.
1. The user requests the _http://example.com/
page 2. The page contains a script that makes a request to _http:// example.com/foo
3. The _http:// example.com/foo handler redirects to _http:// localhost:9600/bar

Further, according to the plan - long pooling and a reverse redirect, but it doesn’t even reach that point - immediately after the redirect to _http:// localhost:9600/bar , the AJAX request ends with an error, in the inspector the request status is CANCELLED, chrome://net-internals/#events shows that the request ended due to a URL_REQUEST_BLOCKED_ON_DELEGATE event marked CANCELLED .

At first, setting the crossDomain parameter for the request and issuing the Access-Control-Allow-Origin: * header on the local server side helped, but then the problem suddenly returned.

Launching the browser with the --disable-web-security option did the trick, but it's obviously a temporary workaround. Therefore, I have a question: which of the features included in web security blocks this redirect, and how can I bypass it? Both servers are mine, there is full access to the headers and files in the root.

And, if no one knows the answer to the first question, then the second question is: what features are included in web security and where can I see their list?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

5 answer(s)
Report
M
mayorovp, 2015-01-30
@mayorovp

A long study of the problem showed that a request that began as an intra-domain request cannot have a cross-domain "continuation" in principle.
I solved the problem in the standard way - by giving a redirect in the response, and then generating a new request after that.

Report
A
Aleks_ja, 2013-08-13
@Aleks_ja

Try with JSONP

Report
E
Eugene Obrezkov, 2013-08-13
@ghaiklor

You can just use JSON too. Only then it is necessary to register permission for this case in the header that receives the data:

Access-Control-Allow-Origin: *

Report
R
rozhik, 2013-08-13
@rozhik

In response, set headers
Access-Control-Allow-Origin: _http://example.com/
Access-Control-Allow-Methods: GET, OPTIONS
And read this

Report
T
tnz, 2013-08-21
@tnz

How about a hidden iframe with a postMessage proxy in the main frame? There are even ready-made ones.

Similar questions
F
freestm2017-04-07 22:31:58
How to transfer the execution of the program to the server? 6Reply
F
Fyodor Buzinov2015-04-14 12:52:57
Nginx: redirect from https to http? 5Reply
X
xmoonlight2019-09-11 19:35:03
Development of OS update policy ideology: is it necessary and how often? 4Reply
U
Utopia2015-04-23 02:42:24
How is the messenger connection and network operation implemented? 2Reply
A
alex_ak12017-04-17 15:21:44
How to request a certificate for an RDP server? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question