On Fri, Dec 23, 2011 at 11:03 AM, Benson Margulies <bimargul...@gmail.com>wrote:
> I am failing to come up with a sequence of calls to XMLHttpRequest > that will trigger credential processing while remaining a simple > request. Explicit credentials passed to open() are prohibited for all > cross-origin requests, Have you set withCredentials = true; ? > and url-embedded credentials seem to trigger > the same prohibition. An Authorization header is non-simple. > Certificates would be rather gigantically difficult in the testing > environment I'm working with. There's talk of cookies, but those would > also make the request non-simple, wouldn't they? > > -- ................................................................ *Sencha* Jarred Nicholls, Senior Software Architect @jarrednicholls <http://twitter.com/jarrednicholls>