0

I'm setting up a fallback for IE 8 and 9, for which I'm using JQuery to send a cross domain GET request. I am testing using IE 11 in emulation mode for IE8 and 9.

The server is correctly set up for CORS, and has been tested with plain JavaScript XMLHttpRequest for cross domain requests.

The request code in an IE8/9 context is as follows:

$.ajax({

        type:"GET",

        url: url,
        beforeSend : function(xhr) {

            xhr.setRequestHeader('Api-Version', config.apiVersion);
            xhr.setRequestHeader('Api-Account-Key', config.accountKey);
            xhr.setRequestHeader('Api-Authorisation-Key', config.authorisationKey);
        },
        success: function(data) {

            callback(data);
        }
});

When sending a request cross domain (the site is running under a non localhost domain at this point) it is clear that the custom headers are not being sent, and this is not an OPTIONS request (output from Fiddler debugger). 

    GET http://localhost:35000/api/example-url HTTP/1.1
    Accept: */*
    Origin: http://dev.local
    Accept-Language: en-GB
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: localhost:35000
    DNT: 1
    Connection: Keep-Alive
    Pragma: no-cache

If I send the request from the same domain, using the same code, the headers are set as I would expect.

GET http://localhost:35000/api/example-url HTTP/1.1
x-requested-with: XMLHttpRequest
Accept-Language: en-gb
Referer: http://localhost:35000/Documentation
access-control-request-headers: x-requested-with
api-account-key: xxxxxx
Accept: */*
api-version: 1.0
api-authorisation-key: xxxx
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: localhost:35000
DNT: 1

So what is stopping JQuery, or possibly the browser sending headers in a cross domain context?

gbro3n
  • 6,729
  • 9
  • 59
  • 100
  • 3
    IE8/9 uses `XDomainRequest`, which [jQuery does not (and will not) support](http://stackoverflow.com/questions/10232017/ie9-jquery-ajax-with-cors-returns-access-is-denied). – apsillers Nov 06 '14 at 14:35
  • OK, that's all I need to know. I have since found there is no way to set XDomainRequest headers. Thank you. – gbro3n Nov 06 '14 at 15:23
  • Can someone put that in an answer, so @apsillers can mark as answered? – UpTheCreek Nov 19 '15 at 16:02
  • @UpTheCreek I've posted an answer as Community Wiki. It's not clear to me if this is a duplicate of that other question or not, so I was hesitant to answer, but I think a CW answer that summarizes the relevant points from that other answer is a reasonable compromise. – apsillers Nov 19 '15 at 16:11
  • @apsillers Oops, sorry got you mixed up with original poster - thanks for posting as answer. gb2d - Could you accept the answer please? (So people know it's resolved) – UpTheCreek Nov 19 '15 at 16:19

1 Answers1

2

Internet Explorer 8 and 9 use the XDomainRequest API to perform cross-domain requests. According to IE9 jQuery AJAX with CORS returns "Access is denied", which links to this jQuery feature request, the jQuery development team has affirmatively refused to support XDomainRequest, because it has too many shortcomings and inconsistencies when compared to XMLHttpRequest.

That answer also links to a plugin that allows the use of XDR in jQuery. Note that it will still be subject to the built-in limitations of XDR, so it may not solve your problem even if you can use the plugin to get jQuery to use the XDR API.

Community
  • 1
  • 1
apsillers
  • 112,806
  • 17
  • 235
  • 239