Cross-Site Ajax with http-authentication

Cross-Site Ajax with http-authentication

The following code doesn't work in Chrome and just results in an error in FF:


  1. $.ajax('http://xs.example.com', {
  2.     dataType: 'json',
  3.     crossDomain: true,
  4.     username: 'name',
  5.     password: 'pw',
  6.     xhrFields: { withCredentials: true },
  7.     success: function(content, textStatus, jqXHR){
  8.         console.log(['success! content, textStatus, jqXHR',content, textStatus, jqXHR]);
  9.     }
  10. );    
FF fails normally when username/password is omitted (401). In Chrome username/password are just ignored (no Authorization-header).


When I'm logged in on xs.example.com and omit username/password and "withCredentials: true" the ajax request works. (Without credentials the  Access-Control-Allow-Origin header on server side with wildcard is enough to make it work).


I tested with jQuery 1.7.2, 1.8.1, and 1.8.2 in Chrome 21.x and quite current FF on Windows and Linux.


P.S. This is my first post here - this editor really sucks (in Chrome).

    • Topic Participants

    • tnt