I dont know about IE, but try Opera12 as cross-domain support via CORS was only added on that version.
On Jan 10, 8:23 pm, ussuri <[email protected]> wrote: > Hello! > > I serve my gwt-based app from Google AppEngine from > <myapp>.appspot.com - both the script (GWT) and data (XMLHTTPRequest > POSTs). If I open https://<myapp>.appspot.com/app.html, everything > works perfectly in all modern browsers. > > However, I want to serve the .html page from my custom domain in order > to use SSL:https://mydomain.com/app.html > > I modified app.html to include script from appspot; I use a <div> and > do RootPanel.get("my_div"). I hard-coded appspot URLs for POSTs. > > This solution works perfectly in Chrome and Firefox with <add-linker > name="xsiframe"/> (or "xs") - I open an HTTPS URL from my custom > domain, it loads GWT via https from appspot.com, and do AJAX > communication (not GWT-RPC, but pure ajax) with my appspot.com app via > ssl/https. > > BUT, in IE and Opera the page opens, GWT renders the content in the > page, but AJAX requests fails with XS-origin errors: > > com.google.gwt.http.client.RequestPermissionException: The URL > https://***.appspot.com/*** is invalid or violates the same-origin > security restriction > > I do set "Access-Control-XXX" headers in my servlet (java), and I > tried to set "X-XSS-Protection" to "0" in my custom domain, but still > IE and Opera do not let me query to appspot. > > What can I do to let IE at least to allow posting to appspot.com? > > Thanks, > MG -- You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-web-toolkit?hl=en.
