Headers to send for CORS call with authenticated session 

Joined:
02/21/2009
Posts:
172

May 03, 2014 10:24:35    Last update: May 03, 2014 10:25:05
  1. In jQuery.ajax, set withCredentials option:
    $.ajax({
        url: 'http://mysite/get-data-from-session',
        xhrFields: {
           withCredentials: true
        },
    
        success: function(resp) {
            console.log("Response: " + resp);
        },
    
        error: function(xhr, err, msg) {
        }
    });
    


  2. Set two headers on server that provides data from session:
    httpResponse.addHeader("Access-Control-Allow-Origin", "http://server-url-where-the-CORS-request-originated");
    httpResponse.addHeader("Access-Control-Allow-Credentials", "true");
    

Share |
| Comment  | Tags