1

Dear all i have a strange problem .

My target is : Site abc.com will send ajax 'POST/GET' request to site xyz.com

xyz.com will create a COOKIE via PHP and print it out : 

print $_COOKIE["rand_user_id"];

so the site abc.com will read the printed TEXT via "xhr.responseText".

PS: even if Page has been refreshed , the xhr.responseText will print same TEXT.

Problem : All the provisos description is works just fine

But JavaScript want able to print out the Content TEXT !

and the xhr.status return 0 !!!!

when i sniff the response via HTTPAnalyze i can see the TEXT in the content of the responseText. and the response code is 200 in the HTTPAnalyze program.

Please advice

My code is :

Client side

    <script>
window.onload = function(){
    var xhr = new XMLHttpRequest();
    xhr.open("GET", "http://www.adriper.com/setcookie.php", true);
    xhr.onreadystatechange = function(){
        if ( xhr.readyState == 4 ) {
            if ( xhr.status == 200 ) {
                document.body.innerHTML = "Random code  is: " + xhr.responseText;
            } else {
                document.body.innerHTML = "ERROR Number :"+xhr.status;
            }
        }
    };

    xhr.withCredentials = true; 
    xhr.send(null);
};
</script>

Server side is :

PHP

<?
if(!isset($_COOKIE["rand_user_id"]))
{
   $val = md5(rand(111,999));   
   setcookie("rand_user_id", $val , time()+60*60*24*30, '/');
   print $_COOKIE["rand_user_id"];
}else{
    print $_COOKIE["rand_user_id"];
    }
?>

.htaccess

Header add Access-Control-Allow-Origin "*"
Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type ,accept"
Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
Header add Access-Control-Allow-Credentials: true

HTTP Response 

GET /setcookie.php HTTP/1.1
Host: www.adriper.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:18.0) Gecko/20100101 Firefox/18.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://localhost/mouse/Untitled-1.html?w
Origin: http://localhost
Cookie: rand_user_id=m3zwy_pomRVe1FovfsOXBLJvUyw_lnA6MWMjot1lSGtXB3MwGXJlR0d2afbxwBWe
Connection: keep-alive

Options

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Jan 2013 00:55:30 GMT
Content-Type: text/html
Connection: keep-alive
X-Powered-By: PHP/5.2.17
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type ,accept
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 52
4

0 回答 0