Headers to send for CORS call with authenticated session

Joined:
02/21/2009: Posts:
172

May 03, 2014 10:24:35 Last update: May 03, 2014 10:25:05

In jQuery.ajax, set withCredentials option:

$.ajax({
    url: 'http://mysite/get-data-from-session',
    xhrFields: {
       withCredentials: true
    },

    success: function(resp) {
        console.log("Response: " + resp);
    },

    error: function(xhr, err, msg) {
    }
});

Set two headers on server that provides data from session:

httpResponse.addHeader("Access-Control-Allow-Origin", "http://server-url-where-the-CORS-request-originated");
httpResponse.addHeader("Access-Control-Allow-Credentials", "true");

Share |

| Comment | Tags

Ξ Notes

Headers to send for CORS call with authenticated session