Fixed Access-Control-Allow-Origin requirement

Noticed today that Firefox is a little more strict when it comes to CORS requests. The method explained above will only work in chrome. For firefox, you need to add these headers IN ADDITION to the Access-Control-Allow-Origin header:

Access-Control-Allow-Methods GET,OPTIONS;
Access-Control-Allow-Headers *;

I have updated the post above with the additional headers.
Does it affect all Firefox version? How about IE?
Thanks, I updated my config file.
 
There's no real harm in them though (provided it's just when you're loading the JS and that you've limited it to requests from your domain).
 
Random side note - Internet Explorer doesn't support cors at all, so even with the changes in this thread, IE9 is left in the dark. Script tags, why you so necessary!
 
Random side note - Internet Explorer doesn't support cors at all, so even with the changes in this thread, IE9 is left in the dark. Script tags, why you so necessary!
Ha, no wonder one of my members who use IE9 reported some weird problem with editing old posts. He couldn't edit previous posts using IE9 but was able to using Firefox.
 
Back
Top Bottom