Hate to butt in here but did try setting an alert(ajax.transport.responseText) right after your ajax call?
On Sun, Jun 12, 2011 at 6:28 PM, T.J. Crowder <t...@crowdersoftware.com>wrote: > Hi, > > > As I said in my post, the Ajax.Request call are in a HTML Application > > (HTA). Which is not a server page. It run on client machine using > > mshta.exe and request data from server using ajax. > > Ah, sorry. Probably not safe to assume everyone knows what you mean by > "HTA". I've seen any number of acronyms people have created ad hoc to > make their web apps sound cool, I have to assume I put your use of > "HTA" in that category, not being familiar with that specific > Microsoft-centric technology. > > > And I don't think the issue is due to "Same Origin Policy", as the > > requests are working fine when server SSL is enabled using trusted > > certificate. > > In that case, it's a question for Microsoft. Prototype isn't involved > in the certificate chain process at all. It just does the request and > reads the response via XMLHttpRequest. The certificate stuff is > handled by the user agent (e.g., mshta.exe). > -- > T.J. Crowder > Independent Software Engineer > tj / crowder software / com > www / crowder software / com > > On Jun 12, 7:17 pm, Rick Avner <rickav...@gmail.com> wrote: > > Hi Crowder, > > > > Thanks for the information. > > > > As I said in my post, the Ajax.Request call are in a HTML Application > > (HTA). Which is not a server page. It run on client machine using > > mshta.exe and request data from server using ajax. > > > > And I don't think the issue is due to "Same Origin Policy", as the > > requests are working fine when server SSL is enabled using trusted > > certificate. > > > > The response is blank when server SSL is enabled using self signed > > certificate. Any idea? > > > > And yes, I should try with latest version of prototype.js. > > > > Thanks > > > > On Jun 12, 3:05 pm, "T.J. Crowder" <t...@crowdersoftware.com> wrote: > > > > > > > > > > > > > > > > > Addendum: > > > > > > I am using prototype.js version 1.5. > > > > > Why? It's been out of date for more than three and a half years > > > (assuming you're talking about v1.5.1.2, which was superceded by > > > v1.6.0 in November 2007). That's a _long_ time in the browser-based > > > world. > > > > > -- T.J. > > > > > On Jun 12, 10:36 am, "T.J. Crowder" <t...@crowdersoftware.com> wrote: > > > > > > Hi, > > > > > > I don't think it has anything to do with the certificate being self- > > > > signed, just that it's https. > > > > > > Are you trying to use https in an ajax call when the page has been > > > > loaded via http? If so, you're running into the Same Origin > Policy[1], > > > > which forbids doing that. Ajax requests, by default, can only go to > > > > the same origin as the document in which the script is running, and > > > > the concept of an origin includes the protocol > > > > (http://example.comandhttps://example.comare_different_origins). > More in the link. > > > > > > If you're in control of the server, you have a couple of options: > > > > > > 1. Use JSON-P[2] instead of Ajax. JSON-P doesn't have an origin > > > > restriction, but it can only use the GET method, not POST. > > > > > > 2. If you can rely on using a modern browser, you can use the new > > > > CORS[3] standard. You can see a list of browsers and their support > (or > > > > lack thereof) for CORS here[4]. Unfortunately, CORS is only supported > > > > by IE in IE8 and above, and that support requires extra work (whereas > > > > every other browser vendor who supported it did so in a backward- > > > > compatible way). Specifically, instead of using XMLHttpRequest (which > > > > is what Ajax.Request uses), you have to use a completely new > > > > XDomainRequest object instead. But again, only on IE. Note that using > > > > CORS requires that you add support for it to the server, because you > > > > have to handle a request from the browser asking if it's okay to send > > > > the cross-origin request. > > > > > > HTH, > > > > -- > > > > T.J. Crowder > > > > Independent Software Engineer > > > > tj / crowder software / com > > > > www / crowder software / com > > > > > > [1]http://en.wikipedia.org/wiki/Same_origin_policy > > > > [2]http://en.wikipedia.org/wiki/JSONP#JSONP > > > > [3]http://www.w3.org/TR/access-control/ > > > > [4]http://caniuse.com/#search=cors > > > > > > On Jun 12, 9:00 am, Rick Avner <rickav...@gmail.com> wrote: > > > > > > > Hi, > > > > > > > I have a HTML Application (HTA) using Ajax.Request to get > information > > > > > from one of my LAMP based server. The requests were working fine > > > > > using HTTP. However, the requests are failing (responseText is > blank) > > > > > when I use HTTPS. Server SSL is enabled using self signed > > > > > certificates. > > > > > > > Is there any way to ignore certificate warnings while using > > > > > Ajax.Request? > > > > > > > I know I should use CA certified certificates on my server. However > > > > > just wondering if there is any way for Ajax.Request to work with > self > > > > > signed certificates. > > > > > > > I am using prototype.js version 1.5. > > > > > > > Thanks in advance. > > -- > You received this message because you are subscribed to the Google Groups > "Prototype & script.aculo.us" group. > To post to this group, send email to > prototype-scriptaculous@googlegroups.com. > To unsubscribe from this group, send email to > prototype-scriptaculous+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/prototype-scriptaculous?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Prototype & script.aculo.us" group. To post to this group, send email to prototype-scriptaculous@googlegroups.com. To unsubscribe from this group, send email to prototype-scriptaculous+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/prototype-scriptaculous?hl=en.
