Headers to send for CORS call with authenticated session
May 03, 2014 10:24:35 Last update: May 03, 2014 10:25:05
- In
jQuery.ajax
, setwithCredentials
option:$.ajax({ url: 'http://mysite/get-data-from-session', xhrFields: { withCredentials: true }, success: function(resp) { console.log("Response: " + resp); }, error: function(xhr, err, msg) { } });
- Set two headers on server that provides data from session:
httpResponse.addHeader("Access-Control-Allow-Origin", "http://server-url-where-the-CORS-request-originated"); httpResponse.addHeader("Access-Control-Allow-Credentials", "true");