Forums

Hi everyone,
I recently tried updating from YUI 3.1.2 to 3.2.0, and now my xhr requests in Chrome dev, and Safari 5.0.2 give me this error:
XMLHttpRequest cannot load myurl. Origin mydomain is not allowed by Access-Control-Allow-Origin.

What happens is the first xhr request goes through fine, but subsequent requests no longer have the Origin header, even though I'm including my xhr config in the config object.

This was (and does) work with YUI 3.1.2, and I haven't changed any of my code, so I'm wondering what changed in Y.IO between the two. I read through the change notes and looked at the ticket list for IO and didn't see what could be causing it. Has anyone else ran into an XHR request issue with YUI 3.2.0?

Note - Firefox 3.6 works fine, and IE 8 works fine (we use the .swf for IE).

Thanks,
Jed

I don't have one publicly available, but I'll write one up and post as soon as I can.

Thank you,
Jed

It looks like there was a change in the _setHeaders() method in io-base.js that may be the culprit. We're going to debug through it to verify if it is or not. I'll post an update with what we find.

Thanks,
Jed

I did see that ticket, which made me think it was something there. We did track it down to the following line being removed in 3.2.0:
io-base.js
method: _create(c, i)


If you add this back in, then you can make cross-domain requests with Webkit. I'm not sure why that line was removed, and if something was supposed to be added somewhere else that got missed. Is there something we need to do differently for Webkit now compared to Mozilla?

Thanks,
Jed

Hi Thomas,

We used the ability to remove the header and now everything seems to be working fine, so thank you!

Also, there is a bug on chrome's list pertaining to this, since it's really a bug on there end:

http://code.google.com/p/chromium/issues/detail?id=55830#c1

Thanks for the timely replies and help,

Jed