On 2011-04-21, at 07:17, Raju Bitter wrote: > I've been testing a bit more with CORS/cross-origin resource sharing. > One problem is that when you make a CORS request which fails (when the > server you are sending the request to doesn't return the expected > response header Access-Control-Allow-Origin), you will get an HTTP > status of 0 (zero) for the request, and the readyState will be 4. > > The response headers are not available due to security reasons, > therefore there is no way to detect what went wrong. What could be > done though is to compare the requesturl of the LzHTTPLoader object > and compare the domain contained within requesturl with the domain for > document.location. If it's a cross-origin request, the LFC could dump > a warning into the Laszlo Debugger that something might have gone > wrong with a CORS request. > > What do you think?
At least the URL that fails should be output in the debugger as part of the error message. Seems reasonable to note when the error might be due to security disallowing cross-origin.
