CORS headers not being set for a 401 response from upstream.
mdounin at mdounin.ru
Tue Jul 15 22:21:13 UTC 2014
On Tue, Jul 15, 2014 at 01:37:58PM -0400, ensing wrote:
> Thanks Maxim for the documentation link.
> I am running into a similar issue. But it is for a 504 server time out.
> I'm doing a long-poll, but it is a cross domain long poll GET request. The
> client implementation is trying to use CORS.
> It all works fine with when the GET requests returns something.
> But when the server times out (HTTP 504) there is no CORS header information
> on the reply and the client code treats it as:
> 'No 'Access-Control-Allow-Origin' header is present on the requested
> Just extending the keepalive_timeout indefinitely is also not a good idea.
> So what is the recommended way to handle a 504. It seems I don't get this in
> the client side XmlHttpRequest. The exceptions occurs before.
The message in question isn't an exception. Rather, it's an error
intended - with the exception that it can't access the response
returned. From client code point of view, this is mostly
identical to network connectivity problem. And you have to handle
the code should test the "status" property of the XMLHttpRequest
object to find out if the request was successful or not, see here:
More information about the nginx