I ram into this problem but it was effecting all browsers (perhaps apart from FF) only IE didn't give the useful error message...
Eventually I figured out that my templates included a <base /> tag in the head section of the page which was causing the problem. I think the base href was being set to something different from the actual domain. As far as I understand this is not allowed with ajax requests for security reasons. i.e. to prevent cross site scripting attacks. First thing I would say is check to make sure there are no <base /> tags in your template. In my case it was only the first page load that didn't work. Reloading the page all worked fine. On Nov 10, 3:34 pm, jcorry <jco...@gmail.com> wrote: > I'm having an issue with Safari andChromeon a site that I have been > tasked to support and maintain (as in, I didn't design/build this...I > inherited it). > > http://www.myhealingkitchen.com > > In the sign-up process there are a number of Ajax transactions. Works > great in FF, not working in Safari though. Oddly, it works on my local > development server (Apache 2 on OS X, PHP 5.2.9 as a module)...but > doesn't work on the production server (PHP 5.2.8 on Apache running as > FastCGI). > > I get this error: Refused to get unsafe header "X-JSON" > > I have no idea where the unsafe header is being set or get or > whatever...no idea how to troubleshoot this. > > I've searched a little and found that someone else had the same > problem, with no clear indications on what to do about it. > > Oddly, I come back to the same URL later...and it DOES work. > > ??? > > Anyone ever run into anything like this before? -- You received this message because you are subscribed to the Google Groups "Prototype & script.aculo.us" group. To post to this group, send email to prototype-scriptacul...@googlegroups.com. To unsubscribe from this group, send email to prototype-scriptaculous+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/prototype-scriptaculous?hl=en.