Closed
Bug 566878
Opened 14 years ago
Closed 13 years ago
XHR Preflight Request not sending certificates withCredentials = true
Categories
(Firefox :: General, defect)
Tracking
()
RESOLVED
INVALID
People
(Reporter: matt.kraemer, Unassigned)
Details
(Whiteboard: [CLOSEME 2011-1-30])
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 Using 2 way SSL - on cross domain requests that require a preflight the client certificate is not being sent to the server with the initial preflight request even though withCredentials = true was specified. The server reports an SSL handshake exception saying that no_certificate was sent. In FF 3.5 Firebug would show the preflight options request loading indefinitely, in FF 3.6.3 the request shows status Aborted. (non-preflight GETs/POSTs work, all preflighted requests do not POST/DELETE/PUT) Reproducible: Always Steps to Reproduce: 1. Need a two SSL environment 2. 3. Actual Results: Received status aborted on the preflight request so actual request is never sent. Expected Results: Should have sent the client certificate on the preflight because with-credentials was specified on the actual XHR request. Preflight would have returned 200 and the actual request would have been sent.
Comment 1•14 years ago
|
||
Reporter, are you still seeing this issue with Firefox 3.6.13 or later in safe mode? If not, please close. These links can help you in your testing. http://support.mozilla.com/kb/Safe+Mode http://support.mozilla.com/kb/Managing+profiles You can also try to reproduce in Firefox 4 Beta 8 or later, there are many improvements in the new version, http://www.mozilla.com/en-US/firefox/all-beta.html
Whiteboard: [CLOSEME 2011-1-30]
Actually this seems like this is expected per the latest CORS spec. The server has to be configured to accept non ssl preflight requests.
Status: UNCONFIRMED → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Updated•13 years ago
|
Resolution: FIXED → INVALID
You need to log in
before you can comment on or make changes to this bug.
Description
•