No Referer header in CORS request from IE or Firefox
I'm trying to send a CORS POST request to an server.
In Chrome, this works as expected - OPTIONS preflight request is sent to server, server responds with access control headers, POST request is sent. When I try to do this in IE or Firefox, no referer is sent with the OPTIONS request, so I cannot add the access-control-allow-origin header (as this is done programatically).
Javascript is:
$.ajax({
url: $(this).attr('href'),
type: 'POST',
xhrFields: {
withCredentials: true,
},
contentType: 'application/json; charset=utf-8;',
data: JSON.stringify(data),
success: function (response) {
alert(response);
},
});
return false;
});
The headers in Chrome are as follows:
The headers in Firefox are as follows:
Is there a way to guarantee that the referrer will be sent with the OPTIONS preflight request? And if not - is there another way to get the referring URL so I can add the allow origin header?
Solved this by using the Origin header that is sent along with the preflight request. So if the Origin URL is one of the acceptable hosts, add the access-control-allow-origin header with the originating url.
- Ways to extend Array object in javascript
- Building bundle for web in vite
- Is there any way to hide the mapbox access token when initializing the map?
- Playwright - sharing state between tests
- How to create a thumbnail after cropping an image with jQuery Cropper
- Validate kendo upload control
- jQuery button click not showing/hiding content
- What's the difference between self and window?
- Small value in doughnut chart is not visible - Chartjs
- How can a function know whether it has been invoked as a constructor (using the `new` keyword)?
- What are the differences between a function expression (`function (…) { … }`) and invoking the Function constructor (`new Function(…)`)?
- Why is it possible for functions to have properties like objects? Are functions also objects?
- console.log timestamps in Chrome
- How can I count and show Unicode Characters when insert onclick to textarea?
- How to set compilerOptions.isCustomElement for VueJS 3 in Laravel project
- Creating a new Date object or using setter methods of javascript Date()
- PHP request to PHP Websocket
- Type 'void' is not assignable to type '((event: ChangeEvent<HTMLInputElement>) => void) React TypeScript
- Is there some default popup for appstore download on itunes when webapp is viewed in mobile safari?
- Turn off webcam/camera after using getUserMedia
- Show a message if a text is copied successfully(alternative to alert)
- "Uncaught TypeError: Cannot read property 'property' of undefined" when loading style with mapbox
- How to get the first Tamil letter in a word?
- handle both mouse and touch events on touch screens
- Truncate number to two decimal places without rounding
- Tailwindcss in webpack configuration not getting applied
- How to access $children for creating Tabs component?
- How to load a gzip compressed javascript without a webserver?
- What's the yield keyword in JavaScript?
- How to get the value of a selected radio button