I am trying to make a simple POST request and I am still unsuccessful.
Headers change from
Encoding: UTF-8 Http-Method: POST Content-Type:
application/x-www-form-urlencoded;charset=UTF-8
to
Http-Method: OPTIONS
Content-Type:
I understand that when I try to access my server using Google Closure XhrIo , it causes preflight and fails my POST request.
But Firefox extension app RESTClient and also a similar Chrome app can access using XMLHttpRequest and they don’t cause preflight. How and why ?
PS: I am not a JS pro and I fail to understand the intricacies of this code http://code.google.com/p/restclient/source/browse/extension/chrome/content/restclient.js.
Any help appreciated
Eddie.
Found this piece of valuable information on HTML5Rocks.com
CROSS-DOMAIN FROM CHROME EXTENSIONS
Chrome extensions support cross-domain requests in a two different ways:
Include domain in manifest.json – Chrome extensions can make cross-domain requests to any domain if the domain is included in the “permissions” section of the manifest.json file:
“permissions”: [ “http://*.html5rocks.com”] The server doesn’t need to include any additional CORS headers or do any more work in order for the request to succeed.
CORS request – If the domain is not in the manifest.json file, then the Chrome extension makes a standard CORS request. The value of the Origin header is “chrome-extension://[CHROME EXTENSION ID]”. This means requests from Chrome extensions are subject to the same CORS rules described in this article.