Addendum: > I am using prototype.js version 1.5.
Why? It's been out of date for more than three and a half years (assuming you're talking about v1.5.1.2, which was superceded by v1.6.0 in November 2007). That's a _long_ time in the browser-based world. -- T.J. On Jun 12, 10:36 am, "T.J. Crowder" <t...@crowdersoftware.com> wrote: > Hi, > > I don't think it has anything to do with the certificate being self- > signed, just that it's https. > > Are you trying to use https in an ajax call when the page has been > loaded via http? If so, you're running into the Same Origin Policy[1], > which forbids doing that. Ajax requests, by default, can only go to > the same origin as the document in which the script is running, and > the concept of an origin includes the protocol > (http://example.comandhttps://example.comare _different_ origins). More in > the link. > > If you're in control of the server, you have a couple of options: > > 1. Use JSON-P[2] instead of Ajax. JSON-P doesn't have an origin > restriction, but it can only use the GET method, not POST. > > 2. If you can rely on using a modern browser, you can use the new > CORS[3] standard. You can see a list of browsers and their support (or > lack thereof) for CORS here[4]. Unfortunately, CORS is only supported > by IE in IE8 and above, and that support requires extra work (whereas > every other browser vendor who supported it did so in a backward- > compatible way). Specifically, instead of using XMLHttpRequest (which > is what Ajax.Request uses), you have to use a completely new > XDomainRequest object instead. But again, only on IE. Note that using > CORS requires that you add support for it to the server, because you > have to handle a request from the browser asking if it's okay to send > the cross-origin request. > > HTH, > -- > T.J. Crowder > Independent Software Engineer > tj / crowder software / com > www / crowder software / com > > [1]http://en.wikipedia.org/wiki/Same_origin_policy > [2]http://en.wikipedia.org/wiki/JSONP#JSONP > [3]http://www.w3.org/TR/access-control/ > [4]http://caniuse.com/#search=cors > > On Jun 12, 9:00 am, Rick Avner <rickav...@gmail.com> wrote: > > > > > > > > > Hi, > > > I have a HTML Application (HTA) using Ajax.Request to get information > > from one of my LAMP based server. The requests were working fine > > using HTTP. However, the requests are failing (responseText is blank) > > when I use HTTPS. Server SSL is enabled using self signed > > certificates. > > > Is there any way to ignore certificate warnings while using > > Ajax.Request? > > > I know I should use CA certified certificates on my server. However > > just wondering if there is any way for Ajax.Request to work with self > > signed certificates. > > > I am using prototype.js version 1.5. > > > Thanks in advance. -- You received this message because you are subscribed to the Google Groups "Prototype & script.aculo.us" group. To post to this group, send email to prototype-scriptaculous@googlegroups.com. To unsubscribe from this group, send email to prototype-scriptaculous+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/prototype-scriptaculous?hl=en.
