I send an AJAX post request in angularjs but it send nothing, since I check on the server side what has arrived which prints nothing using :
print_r($_REQUEST);
However when I use:
print_r(json_decode(file_get_contents("php://input")));
It works since I know the data are sent in JSON chunk and not regular form-format.
Now I have figured out how to send the post data with a header similar to that of jQuery but I still get nothing in server side using regular $_REQUEST or $_POST.
Here is the code block written in Javascript. It is worth mentioning:
I have checked all the data of the inputs using console.log() and all of them are defined.
checkUserPostData = { "username" : registerUsername, "username_check" : 'true'};
$http.post("server.php",
checkUserPostData, {"headers" :
{ "Content-Type" : "application/x-www-form-urlencoded; charset=UTF-8" }} )
.success(function(data, status, header, config){
console.log(data);
/*
if(data=='exists')
return true;
else return false;*/
})
.error(function(data, status, header, config){
console.log("error: "+data);
return data;
}); // end of $http request
} // end of CheckUser()
Here is also a log of chrome console on ajax request sent:
Remote Address:::1:8080
Request URL:http://localhost:8080/app/server.php
Request Method:POST
Status Code:200 OK
Request Headersview source
Accept:application/json, text/plain, */*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Content-Length:44
Content-Type:application/x-www-form-urlencoded; charset=UTF-8
Host:localhost:8080
Origin:http://localhost:8080
Referer:http://localhost:8080/app/
User-Agent:Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.114 Safari/537.36
Form Dataview sourceview URL encoded
{"username":"asdsa","username_check":"true"}:
Response Headersview source
Connection:Keep-Alive
Content-Length:1231
Content-Type:text/html
Date:Tue, 27 May 2014 12:16:13 GMT
Keep-Alive:timeout=5, max=98
Server:Apache/2.4.4 (Win32) OpenSSL/0.9.8y PHP/5.4.16
X-Powered-By:PHP/5.4.16
Related
well I have this issue when I use $http.post of angularjs on google chrome it always returned with error 400 which is bad request, however when I tried on Mozilla Firefox it works fine!
this is the $http services code
$http({
'method': "POST",
'url': "http://example.com",
'data': data,
'withCredentials': true,
'cache': false,
headers: {
'Content-type': 'application/json',
'authTokens': sessionServices.get('userLogin').userLoginTokens,
'JSESSIONID': sessionServices.get('JSESSIONID')
}
}).
success(function(data, response, headers, status) {
console.log("sucess");
}).
error(function(data, response) {
console.log("failed");
});
this is the example data intput on the $http request it self
data = [123415, 32324123, 1123124123, 1213123]
NOTE*
the url that I submitted to which is the backend is in another domain so for example I deployed the application on http://example1.com while the backend is on http://example.com, at first I thought it was CORS issue but then apparently I passed the OPTION call and when moved to the second call which is the POST request it self then it returned with the error 400
apparently the chrome ignores my custom headers option set which is 'application/json', but in chrome it returned differently. you could see the returned call below
Remote Address:example1.com
Request URL:example.com
Request Method:POST
Status Code:400 Bad Request
Request Headers
view source
Accept:application/json, text/plain, */*
Accept-Encoding:gzip,deflate
Accept-Language:en-US,en;q=0.8,id;q=0.6,ms;q=0.4
authTokens:13f4ca0d-eb30-435b-b313-a78ed8fff5ef
Connection:keep-alive
Content-Length:313
Content-Type:application/json;charset=UTF-8 application/json
Cookie:JSESSIONID=F524FAFC1178EE3451A7D82CBAD9BE87
Host:http://example1.com
JSESSIONID:F524FAFC1178EE3451A7D82CBAD9BE87
Origin:http://example.com
Referer:http://example.com
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36
X-Requested-With:XMLHttpRequest
Request Payload
view source
[d6fece6d-fd4b-4377-b326-7e7cdafbe02b, 6240a840-29a7-4e16-899a-2db0fde6ffdd,…]
0: "d6fece6d-fd4b-4377-b326-7e7cdafbe02b"
1: "6240a840-29a7-4e16-899a-2db0fde6ffdd"
2: "794ae064-38f3-4324-8cda-5afaabe2347d"
3: "41d28490-624d-418d-8fda-4a0ed8c65aa2"
4: "38e06d09-1d33-42d2-b6a2-e06548743a1a"
5: "7f8e92c8-4217-443a-9830-3da78a75b1a6"
6: "ed31b19a-2b2a-4fd7-99b8-b5b61d6a881f"
7: "2b1b8636-d342-4114-9de3-40d42003790f"
Response Headers
view source
Access-Control-Allow-Credentials:true
Access-Control-Allow-Origin:example1.com
Access-Control-Expose-Headers:Jsessionid
Connection:close
Content-Language:en
Content-Length:990
Content-Type:text/html;charset=utf-8
Date:Wed, 15 Oct 2014 15:25:48 GMT
Server:Apache-Coyote/1.1
Vary:Origin
do you have this issue as well ?? could you guys help me ??
Maybe it's because of the incorrect Content-Type header:
Content-Type:application/json;charset=UTF-8 application/json
In your JavaScript code there's a typo:
headers: {
'Content-type': 'application/json',
It has to be -Type, capital T. The default is application/json anyway so you can as well remove that line.
It could be that Chrome merges Content-type and Content-type whereas Firefox sends either two separate headers or only one of them.
I am using backbone to get data from an API. This all works fine when there is no authorization required and when I add the authorization to the API, I get the expected 401 - unauthorised response.
[from the console log:
GET http://localhost:999/api/tasks 401 (Unauthorized)
]
I've then add in this code to add the bearer authorization to the header for every call:
var backboneSync = Backbone.sync;
Backbone.sync = function (method, model, options) {
/*
* The jQuery `ajax` method includes a 'headers' option
* which lets you set any headers you like
*/
var theUser = JSON.parse(localStorage.getItem("happuser"));
if (theUser !== null)
{
var new_options = _.extend({
beforeSend: function(xhr) {
var token = 'Bearer' + theUser.authtoken;
console.log('token', token);
if (token) xhr.setRequestHeader('Authorization', token);
}
}, options)
}
/*
* Call the stored original Backbone.sync method with
* extra headers argument added
*/
backboneSync(method, model, new_options);
};
Once I include this code, the API sends the request with a method of OPTIONS instead of GET and I obviously get a 405 invalid method response.
Here is the console log output
OPTIONS http://localhost:999/api/tasks 405 (Method Not Allowed) jquery-1.7.2.min.js:4
OPTIONS http://localhost:999/api/tasks Invalid HTTP status code 405
Any idea why the send method would be changing?
ADDITIONAL DISCOVERY:
It appears when I do a model.save it does the same thing., even if I don't actually change the model.
FURTHER DETAILS: This is the Request/Response for the call without authorisation...
Request URL:http://localhost:999/api/tasks
Request Method:GET
Status Code:200 OK
Request Headersview source
Accept:application/json, text/javascript, */*; q=0.01
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-GB,en-US;q=0.8,en;q=0.6
Host:localhost:999
Origin:http://localhost
Proxy-Connection:keep-alive
Referer:http://localhost/
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36
Response Headersview source
Access-Control-Allow-Headers:*
Access-Control-Allow-Methods:GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin:http://localhost
Cache-Control:no-cache
Content-Length:3265
Content-Type:application/json; charset=utf-8
Date:Wed, 13 Nov 2013 14:51:32 GMT
Expires:-1
Pragma:no-cache
Server:Microsoft-IIS/7.5
X-AspNet-Version:4.0.30319
X-Powered-By:ASP.NET
As soon as I add the sync override code in the response changes to this:
Request URL:http://localhost:999/api/tasks
Request Method:OPTIONS
Status Code:405 Method Not Allowed
Request Headersview source
Accept:*/*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-GB,en-US;q=0.8,en;q=0.6
Access-Control-Request-Headers:accept, authorization
Access-Control-Request-Method:GET
Host:localhost:999
Origin:http://localhost
Proxy-Connection:keep-alive
Referer:http://localhost/
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36
Response Headersview source
Access-Control-Allow-Headers:*
Access-Control-Allow-Methods:GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin:http://localhost
Allow:GET,POST
Cache-Control:no-cache
Content-Length:76
Content-Type:application/json; charset=utf-8
Date:Wed, 13 Nov 2013 14:56:52 GMT
Expires:-1
Pragma:no-cache
Server:Microsoft-IIS/7.5
X-AspNet-Version:4.0.30319
X-Powered-By:ASP.NET
It would appear you are issuing a "not so simple request ™":
you're making a CORS request
and you're setting a custom header
In that case, your browser divides your request in two : a preflight request (the OPTIONS verb you see) and the actual request once the permissions have been retrieved.
To quote the article linked:
The preflight request is made as an HTTP OPTIONS request (so be sure
your server is able to respond to this method). It also contains a few
additional headers:
Access-Control-Request-Method - The HTTP method of the actual request.
This request header is always included, even if the HTTP method is a
simple HTTP method as defined earlier (GET, POST, HEAD).
Access-Control-Request-Headers - A comma-delimited list of non-simple
headers that are included in the request.
The preflight request is a way of asking permissions for the actual
request, before making the actual request. The server should inspect
the two headers above to verify that both the HTTP method and the
requested headers are valid and accepted.
I have a Rails service returning data for my AngularJS frontend application. The service is configured to allow CORS requests by returning the adequate headers.
When I make a GET request to receive data, the CORS headers are sent, as well as the session cookie that I have previously received on login, you can see for yourself:
Request URL:http://10.211.194.121:3000/valoradores
Request Method:GET
Status Code:200 OK
Request Headers
Accept:application/json, text/plain, */*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Cache-Control:no-cache
Connection:keep-alive
Cookie:_gestisol_session=BAh7B0kiDHVzZXJfaWQGOgZFRmkASSIPc2Vzc2lvbl9pZAY7AEZJIiVmYTg3YTIxMjcxZWMxNjZiMjBmYWZiODM1ODQzMjZkYQY7AFQ%3D--df348feea08d39cbc9c817e49770e17e8f10b375
Host:10.211.194.121:3000
Origin:http://10.211.194.121:8999
Pragma:no-cache
Referer:http://10.211.194.121:8999/
User-Agent:Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36
X-Requested-With:XMLHttpRequest
Response Headers
Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Access-Control-Allow-Methods:GET,POST,OPTIONS
Access-Control-Allow-Origin:http://10.211.194.121:8999
Access-Control-Max-Age:1728000
Cache-Control:max-age=0, private, must-revalidate
Connection:Keep-Alive
Content-Length:5389
Content-Type:application/json; charset=utf-8
Date:Mon, 04 Nov 2013 14:30:51 GMT
Etag:"2470d69bf6db243fbb337a5fb3543bb8"
Server:WEBrick/1.3.1 (Ruby/1.9.3/2011-10-30)
X-Request-Id:15027b3d323ad0adef7e06103e5aa3a7
X-Runtime:0.017379
X-Ua-Compatible:IE=Edge
Everything is right and I get my data back.
But when I make a POST request, neither the CORS headers nor the session cookie are sent along the request, and the POST is cancelled at the server as it has no session identifier. These are the headers of the request:
Request URL:http://10.211.194.121:3000/valoraciones
Request Headers
Accept:application/json, text/plain, */*
Cache-Control:no-cache
Content-Type:application/json;charset=UTF-8
Origin:http://10.211.194.121:8999
Pragma:no-cache
Referer:http://10.211.194.121:8999/
User-Agent:Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36
X-Requested-With:XMLHttpRequest
Request Payload
{valoracione:{revisiones_id:1, valoradores_id:1}}
valoracione: {revisiones_id:1, valoradores_id:1}
And the service answers with a 403 because the request does not contain the session cookie.
I don't know why the POST request fails, as the $resource is configured just like the other one and I have defined the default for $httpProvider to send the credentials (and it works right as the GET request succeeds):
.config(['$httpProvider', function($httpProvider) {
$httpProvider.defaults.withCredentials = true;
}])
This is the failing resource when I call $save() on an instance:
'use strict';
angular.module('gestisolApp')
.service('ValoracionesService', ['$resource', 'API_BASE_URL', function ValoracionesService($resource, API_BASE_URL) {
this.valoraciones = $resource(API_BASE_URL + '/valoraciones');
}]);
And this is the service that succeeds with the query() call:
'use strict';
angular.module('gestisolApp')
.service('ValoradoresService', ['$resource', 'API_BASE_URL', function ValoradoresService($resource, API_BASE_URL) {
this.valoradores = $resource(API_BASE_URL + '/valoradores');
}]);
They are much like the same.
Does anybody know why the POST is sent without the session cookie?
Edit
Just to complete the information, preflight is handled by the following method, and is handled OK as the request before the failing POST is an OPTIONS that succeeds with a 200 response code:
def cors_preflight_check
headers['Access-Control-Allow-Origin'] = 'http://10.211.194.121:8999'
headers['Access-Control-Allow-Methods'] = 'GET,POST,OPTIONS'
headers['Access-Control-Allow-Headers'] = 'X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin'
headers['Access-Control-Allow-Credentials'] = 'true'
headers['Access-Control-Max-Age'] = '1728000'
render :nothing => true, :status => 200, :content_type => 'text/html'
end
This is the CORS OPTIONS request/response exchange previous to the failing POST:
Request URL:http://10.211.194.121:3000/valoraciones
Request Method:OPTIONS
Status Code:200 OK
Request Headers
Accept:*/*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:accept, x-requested-with, content-type
Access-Control-Request-Method:POST
Connection:keep-alive
Host:10.211.194.121:3000
Origin:http://10.211.194.121:8999
Referer:http://10.211.194.121:8999/
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36
Response Headers
Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Access-Control-Allow-Methods:GET,POST,OPTIONS
Access-Control-Allow-Origin:http://10.211.194.121:8999
Access-Control-Max-Age:1728000
Cache-Control:max-age=0, private, must-revalidate
Connection:Keep-Alive
Content-Length:1
Content-Type:text/html; charset=utf-8
Date:Mon, 04 Nov 2013 15:57:38 GMT
Etag:"7215ee9c7d9dc229d2921a40e899ec5f"
Server:WEBrick/1.3.1 (Ruby/1.9.3/2011-10-30)
X-Request-Id:6aa5bb4359d54ab5bfd169e530720fa9
X-Runtime:0.003851
X-Ua-Compatible:IE=Edge
Edit 2: I have changed the title to reflect clearly my problem
I had a similar problem and adding the following before angular $http CORS request solved the problem.
$http.defaults.withCredentials = true;
Refer https://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS#Requests_with_credentials for more details.
When CORS is involved, then your browser will send an OPTIONS request before the POST request.
I don't know the specifics with Rails, but I guess you have to configure Rails to actually answer the OPTIONS request with the adequate CORS headers.
The following code is just for comparison - it shows how you would address the issue in Java:
public void doOptions(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
resp.setHeader("Access-Control-Allow-Origin", "http://10.211.194.121:8999");
resp.setHeader("Access-Control-Allow-Credentials", "true");
resp.setHeader("Access-Control-Allow-Methods", "OPTIONS, POST, GET");
resp.setHeader("Access-Control-Allow-Headers", "X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin");
resp.setHeader("Access-Control-Max-Age", "600");
resp.setHeader("Access-Control-Expose-Headers","Access-Control-Allow-Origin");
super.doOptions(req, resp);
}
But it might get you on the right track how to configure it in Rails.
Ok, finally I figured out what was happening.
By the answer posted on this question, I removed the HttpOnly parameter from the cookie and got it working on Firefox. Later for Chrome was just a matter of applying the rest of recommendations from the answer to make it work, like setting a domain for the cookie.
After searching for a while, I cannot find the answer yet.
My problem is when I call a web service function setRequestHeader, I got the error "not allowed by Access-Control-Allow-Origin".
Here is my javaScript code:
var loginController = new sap.ltst.login.loginController({controllerName: "sap.ltst.login.loginController"});
var session = loginController.login("I051486", "123456789");
var config = {};
$.ajax({
beforeSend: function(req) {
req.setRequestHeader('Authentication', 'Authentication-Token ' + session.session_token);
},
url : "http://localhost:8081/com.sap.st.gtpapi/program/"
+ this.program + "/configs",
dataType : 'json',
type : 'GET',
async : false,
success : function(data) {
config = data;
}
});
return config;
In web service side, I have a function that I can enable or disable the authentication. I tried to set the auth as false (not check the auth) then remove setRequestHeader, I got no error and the web service returns me some data.
In another way I tried to put it back, I got the error.
XMLHttpRequest cannot load http://localhost:8081/gtpapi/program/Business%20Intelligence%20platform%204.1%20(BI%20Aurora%204.1)/configs. Origin http://localhost:8080 is not allowed by Access-Control-Allow-Origin.
So I don't think that it's the problem of the auth because in the web service side, I disable the auth verification.
Let's move to the web service side, this is the interface:
public static final String HEADER_AUTH_TOKEN = "Authentication-Token";
#GET
#Consumes({MediaType.APPLICATION_JSON})
#Produces({MediaType.APPLICATION_JSON})
#Path("/guid_{planId}/packages/{packId}/{results}")
public Response setPackageResult(#PathParam("planId") final String planGuid, #PathParam("packId") final String packGuid, #PathParam("results") final String results, #HeaderParam(WebServiceBase.HEADER_AUTH_TOKEN) String token);
This is the header response et request on Chrome:
Request URL:http://localhost:8081/com.sap.st.gtpapi/program/SBOP%20EXPLORER%204.1/configs
Request Method:OPTIONS
Status Code:200 OK
Request Headersview source
Accept:*/*
Accept-Charset:UTF-8,*;q=0.5
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8,fr;q=0.6
Access-Control-Request-Headers:accept, authentication, origin
Access-Control-Request-Method:GET
Cache-Control:no-cache
Connection:keep-alive
Host:localhost:8081
Origin:http://localhost:8080
Pragma:no-cache
Referer:http://localhost:8080/LTST_Frontend/index.html
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.64 Safari/537.31
Response Headersview source
Allow:GET,OPTIONS,HEAD
Content-Length:0
Content-Type:text/xml
Date:Fri, 02 Aug 2013 15:44:10 GMT
Server:Apache-Coyote/1.1
I'm not sure I did some mistake whether the problem comes from javaScript or web service. Any ideas?
Put any header you want to send in the safe list:
header("Access-Control-Allow-Headers: Authentication, X-Custom-Header, .. etc");
This should be part of the CORS headers on the receiving domain.
Edit: In my case, The the reason that it was not returning to correct information is that I was trying to use JSONP to connect to a CORS data setup, whereas the server did not have it set up for my particular computers access. I needed to talk to someone and adjust the permissions of the config file for the server. Thats what was really going on, and i couldnt figure it out because i thought CORS and JSONP were synonymous, but in fact there are different ways they are carried out and certain server permissions which need to be set.
Brief: I have an $.ajax request which pings a server looking data. It fails, but data shows success.
Going into the Network, it SHOWS the response. I want it. Its right out of my grasp.
Errors: Says it fails, but the return is:
{"readyState":4,"status":200,"statusText":"success"}
So, it means that somewhere on the client side, it was flagged. The response is:
["Asset","AssetElementDefMap","AssetFile","AssetFileCategory","AssetFileCategoryObjectMap","AssetFilesFieldMap","AssetFilesReportMap","AssetTree","AssetType","BicUrl","CancelledUpload","CurrentValue","DataTypeInstanceMembers","DataTypeInstances","DataTypeMembers","DeviceDatabase","ElementDef","ElementDefEnvironment","ElementDefFormMap","ElementDefManual","ElementDefStructUnit","ElementDefStructUnitList","Field","FieldChoice","FieldFormScriptMap","FileType","FileTypeAssetFileCategoryMap","ForgotPassword","Form","FormScriptFunction","FormType","in_id","InspectionType","Inspector","MobileFormOSMap","MobileReportTypeFormMap","MobileReportTypeFormTypeMap","ProfileProperty","Report","ReportSubAssetMap","ReportType","ReportTypeAssetTypeMap","ReportTypeInspectionTypeMap","ReportValue","WorkingSet"]
The Headers are:
**Request**
URL:http://xx.xxx.xx.x/mas3/DataSources/inspecttech.inspecttech/Schema/Classes/?callback=jQuery172021616409649141133_1374243099954&_=1374243124683
Request Method:GET
Status Code:200 OK
**Request Headers**
Accept:*/*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Authorization:Basic bmRvdG1vYnguaGluc3BlY3R0ZWNoOjU0NjdjZTg2ZTdiMzc4MTNjYmQ0ZGQ3MTM1MDJkOGVjNDNiYjUwMTU2NzJiNzAxNDczMDRjYzE5YjA5ZGIyN2EyODNiMzliNmY4YzIyN2UxNjY1MDk5NDcxYzBjOTFlODZhN2EzOTliZTgzMjliNGY1MzFjOWZhYWI3YjNkMjg1
Connection:keep-alive
Host:10.224.65.5
Referer:http://localhost:3033/BentleyFormIntegrationFrameset.aspx
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.72 Safari/537.36
**Query String Parameters**
callback:jQuery172021616409649141133_1374243099954
_:1374243124683
**Response Headers**
Cache-Control:no-cache
Content-Language:en-US
Content-Length:801
Content-Type:application/json; charset=utf-8
Date:Fri, 19 Jul 2013 14:12:03 GMT
Expires:-1
Mas-License-Error-Id:NoClientLicense
Mas-License-Error-Message:Client's license is invalid.
Pragma:no-cache
Server:Microsoft-IIS/7.5
X-AspNet-Version:4.0.30319
X-Powered-By:ASP.NET
EDIT: AJAX REQUEST:
var u = "myusername";
var p = "mypass";
var up = u + ":" + p;
$.ajax({
type: "GET",
url: "http://xx.xxx.xx.x/mas3/DataSources/inspecttech.inspecttech/Schema/Classes/",
contentType: "application/json; charset=utf-8",
dataType: "jsonp",
headers: {Authorization: "Basic "+up},
success: function (r) {
alert("Success: " + JSON.stringify(r));
},
error: function (r) {
alert("Failure: " + JSON.stringify(r));
}
});
The response is:
Content-Type:application/json
["Asset","AssetElementDefMap",…,"WorkingSet"]
That's no JSONP script, but plain JSON (the "padding", ie. the callback function, is missing). Since the request is cross-domain, you're not allowed to access it - and executing it as a script fails even when the resource loads with a 200 OK status.