我正在尝试将跨域XHR创建到安全域。
我使用以下代码来执行此操作:
this.post = function (url, data) { var xmlhttp=new XMLHttpRequest(); xmlhttp.open("POST",url,true); xmlhttp.withCredentials=true; xmlhttp.setRequestHeader("Content-type","application/x-www-form-urlencoded; charset=UTF-8"); xmlhttp.send(data); }我将此函数与url编码的字符串数据和https://mydomainx.com/request用作url。
我在Chrome和Firefox上使用Chrome Dev Tools / Firebug进行了测试(查看请求/响应标头)。 该代码适用于Chrome(即已发送请求,已收到相应的响应)。 不安全的请求虽然适用于Firefox(当我使用http://mydomainx.com/request而不是https时)。
更具体地说,在Firefox上,似乎发送了https请求:POST请求出现在Firebug中,带有正确的请求标头,但没有收到响应。 我检查了端点服务器(mydomainx.com),它没有收到请求(说/var/log/apache2/access.log和error.log)。 当xhr.readystate == 4 ----> status = 0时,我还显示status / responseText,没有响应文本。
我尝试使XHR没有数据,或使用GET而不是POST,没有内容标题,并且文本/纯文本内容标题=>完全相同的结果(适用于http / https中的chrome,适用于带有http的firefox,不适用于使用https的Firefox。)
我花了很多时间试图谷歌解释没有成功...任何帮助将不胜感激。 非常感谢
I'm trying to make a cross-domain XHR to a secure domain.
I used the following code to do so:
this.post = function (url, data) { var xmlhttp=new XMLHttpRequest(); xmlhttp.open("POST",url,true); xmlhttp.withCredentials=true; xmlhttp.setRequestHeader("Content-type","application/x-www-form-urlencoded; charset=UTF-8"); xmlhttp.send(data); }I use this function with url-encoded string data and https://mydomainx.com/request as url.
I tested it on Chrome and Firefox, with Chrome Dev Tools / Firebug (looking at requests/response headers). The code works on Chrome (i.e. request sent, appropriate response received). The unsecure request works on Firefox though (when I use http://mydomainx.com/request rather than https).
More specifically, on Firefox, the https request seems to be sent: the POST request appears in Firebug with correct request headers, but no response is received. I checked on the endpoint server (mydomainx.com), it does not receive the request (says /var/log/apache2/access.log and error.log). I also displayed status / responseText when xhr.readystate == 4 ----> status = 0, no response text.
I tried making the XHR without data, or with GET instead of POST, and without the content header, and with a text/plain content header => exact same results (works on chrome in http/https, works on firefox with http, does not work on firefox with https).
I spent a lot of time trying to google for an explanation with no success... Any help will be greatly appreciated. Thanks a lot
最满意答案
您是否尝试在Firefox选项卡中访问URL的安全版本? 听起来好像Firefox可能会卡在SSL证书上,并且可能希望您在XHR对该URL的请求起作用之前添加例外以接受证书。
Have you tried accessing the secure version of the URL in a Firefox tab? It sounds like Firefox may be getting stuck on the SSL certificate and may want you to add an exception to accept the certificate before XHR requests to that URL will work.
更多推荐
发布评论