CORS-preflight for GET-request with Authorization-header!?

2 replies
1 has this problem
23 views
Last reply by kimabrandt

8 years ago

kimabrandt

10/7/15, 7:26 PM

Build identifier: Mozilla/5.0 (X11; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0 Iceweasel/40.0.3

Would you consider Firefox sending a CORS-preflight for a GET-request with an Authorization-header a bug?

Example:

   var xhr = new XMLHttpRequest();
   xhr.open("GET", "http://localhost/", true);
   xhr.setRequestHeader("Authorization", "Basic dXNlcm5hbWU6cGFzc3dvcmQ=");
   xhr.send(null);

Which gives me an unexpected preflight:

   OPTIONS XHR http://localhost/ [HTTP/1.1 200 OK 3ms]
   GET XHR http://localhost/ [HTTP/1.1 200 OK 221ms]

/Kim

Build identifier: Mozilla/5.0 (X11; Linux x86_64; rv:40.0) Gecko/20100101 Firefox/40.0 Iceweasel/40.0.3 Would you consider Firefox sending a CORS-preflight for a GET-request with an Authorization-header a bug? Example: var xhr = new XMLHttpRequest(); xhr.open("GET", "http://localhost/", true); xhr.setRequestHeader("Authorization", "Basic dXNlcm5hbWU6cGFzc3dvcmQ="); xhr.send(null); Which gives me an unexpected preflight: OPTIONS XHR http://localhost/ [HTTP/1.1 200 OK 3ms] GET XHR http://localhost/ [HTTP/1.1 200 OK 221ms] /Kim

Answer 1 · 2015-10-07 19:26:24

guigs

10/9/15, 8:16 AM

I am not getting that. I might try updating.

Modified October 9, 2015, 8:17:02 AM PDT by guigs

Answer 2 · 2015-10-07 19:26:24

kimabrandt Question owner

10/9/15, 10:46 PM

guigs said

I am not getting that. I might try updating.

Could you delete this question? I will instead move it to one of the newsgroups.

Search Support

CORS-preflight for GET-request with Authorization-header!?

All Replies (2)

Ask a Question

Explore Our Help Articles

Mozilla Account

Search Support

CORS-preflight for GET-request with Authorization-header!?

All Replies (2)