mark_anderson_us wrote:So two questions, from the same browser on Mac, why is work with loopback address but not real IP.
How do I pass credentials in my Rest calls?
Thanks
MArk
<img src="../secure/topsecret.jpg">
<img src="www.mywebsite.com/secure/topsecret.jpg">
<img src="www.othersite.com/secure/topsecret.jpg">
mark_anderson_us wrote:What's strange is if I put the loopback URL in safari it works.
Key Value
Request GET /devices HTTP/1.1
Referer http://localhost:50376/index.html
Accept application/json, text/plain, */*
Accept-Language en-US
Origin http://localhost:50376
Accept-Encoding gzip, deflate
User-Agent Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host 172.30.90.30:8176
DNT 1
Connection Keep-Alive
Cache-Control no-cache
Key Value
Response HTTP/1.1 200 OK
Server IndigoWebServer/5.0
Allow GET, HEAD, POST, PUT
Date Mon, 16 Jun 2014 13:24:52 GMT
Content-Type text/html;charset=utf-8
Content-Length 597
valid CORS responses; omitting the header will cause the CORS request to fail. The value of the header can either echo the Origin request header (as in the example above), or be a '*' to allow requests from any origin. If you’d like any site to be able to access your data, using '*' is fine. But if you’d like finer control over who can access your data, use an actual value in the header.
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title></title>
<script src="//code.jquery.com/jquery-1.11.0.min.js"></script>
</head>
<body>
<p align="center" style="font-size: 20px;">
<a href="#" onclick="makeCorsRequest(); return false;">Test</a>
</p>
<div id="response">
</div>
</body>
<script >
// Create the XHR object.
function createCORSRequest(method, url) {
var xhr = new XMLHttpRequest();
if ("withCredentials" in xhr) {
// XHR for Chrome/Firefox/Opera/Safari.
xhr.open(method, url, true);
} else if (typeof XDomainRequest != "undefined") {
// XDomainRequest for IE.
xhr = new XDomainRequest();
xhr.open(method, url);
} else {
// CORS not supported.
xhr = null;
}
return xhr;
}
// Helper method to parse the title tag from the response.
function getTitle(text) {
return text.match('<title>(.*)?</title>')[1];
}
// Make the actual CORS request.
function makeCorsRequest() {
// All HTML5 Rocks properties support CORS.
//var url = 'http://updates.html5rocks.com';
//var url = 'https://api.github.com/users/angular';
var url = 'http://172.30.90.30:8176/devices.xml/';
var xhr = createCORSRequest('GET', url);
if (!xhr) {
//alert('CORS not supported');
document.querySelector('#response').innerHTML = 'CORS not supported';
return;
}
// Response handlers.
xhr.onload = function () {
var text = xhr.responseText;
//var title = getTitle(text);
//alert('Response from CORS request to ' + url + ': ' + title);
document.querySelector('#response').innerHTML = text; //url + ': ' + title;
};
xhr.onerror = function () {
//alert('There was an error making the request.');
document.querySelector('#response').innerHTML = 'There was an error making the request.';
};
xhr.send();
}
</script>
</html>
var url = 'http://172.30.90.30:8176/devices.xml/';
var url = 'http://172.30.90.30:8176/devices.xml';
Users browsing this forum: No registered users and 1 guest