Hi, Thanks for the answer...
I have to avoid any custom filed in header.. such as Content-Type: text/html; charset=ISO-8859-1 to prevent OPTIONS method in request or web server must support Access-Control-Allow-Origin in response. I think Access-Control-Allow-Origin should be provided by the web server in repose with proper white-list for request origin. or I have to use both previous versions of web server and browser. I will try asap but any other suggestion for solution. Alper On Apr 7, 12:25 pm, Thomas Broyer <[email protected]> wrote: > On Apr 4, 8:26 pm, javaci <[email protected]> wrote: > > > Hi, > > > I am working on a basic GWT project. Application sends a GET methos > > HTTP request and gets the response back. > > > It works fine on IE on Windows XP SP3. > > It shouldn't with a default config. You might have reconfigured IE to > bypass the SOP (see below). > Seehttp://en.wikipedia.org/wiki/Same_origin_policy > > > > > > > > > (1) > > But on firefox 3.6.2 response can not be received successfully, > > response status code=0 and getText() returns empty. > > > I monitor HTTP traffice with a HTTP sniffer and I can see that the > > response has the 200 OK success code. Why the application receives > > nothing and statuscode=0 even though real response the 200 OK success > > status code. I deployed application on tomcat 6.0.24 and called the > > sample html page on that tomcat url. > > > Request Stream > > GET /search?hl=tr&source=hp&q=apple&meta=&aq=f&aqi=&aql=&oq=&gs_rfai= > > HTTP/1.1 > > Host:www.google.com.tr > [...] > > Origin:http://localhost:8080 > > Cross-origin request. In most browsers it'll fail. In recent browsers, > it only fails if the server doesn't explicitly says it's allowed. > Seehttp://www.w3.org/TR/cors/ > > > > > (2) > > On Safari 4.0.4, it is also failed.. GETmethodis replaced with > >OPTIONS.. I did not understand why? > > > Request Stream > >OPTIONS/search? > > hl=tr&source=hp&q=apple&meta=&aq=f&aqi=&aql=&oq=&gs_rfai= HTTP/1.1 > > Host:www.google.com.tr > [...] > > Access-Control-Request-Headers: Content-Type > > Safari tries a preflight > request:http://www.w3.org/TR/cors/#cross-origin-request-with-preflight0 > > (Safari is right here, because you include a "Content-Type: text/ > html ..." header (which is totally useless as you do not send a > request body) which is not a "simple header" per CORS definition, so a > preflight request should be made) -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
