Having some bad luck with getting amazon AWS security token from jQuery or XMLHttpRequest. When I send a HTTP GET from jQuery or XmlHttpRequest, I get "Origin http:// MY_IP is not allowed by Access-Control-Allow-Origin.", but if I paste the same URL in my browser, it all goes fine.
My code:
var url_ = "https://sts.amazonaws.com/?Action=GetSessionToken" + "&DurationSeconds=3600" + "&AWSAccessKeyId=" + AccessKeyId + "&Version=2011-06-15" + "&Timestamp=" + encode(timestamp) + "&Signature=" + encode(hash) + "&SignatureVersion=2&SignatureMethod=HmacSHA256"; $.get(url_, function(data) { alert("response: "+data); }); My Headers:
Response Headers
Accept-Ranges bytes
Age 198
Connection Keep-Alive
Content-Length 3739
Content-Type text/html
Date Mon, 25 Jun 2012 17:48:20 GMT
Etag "48c4862-e9b-4c34f76b13400"
Last-Modified Mon, 25 Jun 2012 17:39:28 GMT
Proxy-Connection Keep-Alive
Server Apache/2.2.21 (Unix) mod_ssl/2.2.21 OpenSSL/0.9.8r DAV/2 PHP/5.3.10 with Suhosin-Patch
Request Headers
Accept text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Encoding gzip, deflate
Accept-Language en-us,en;q=0.5
DNT 1
Host MY_IP
If-Modified-Since Mon, 25 Jun 2012 17:13:16 GMT
If-None-Match "48c127c-ea2-4c34f18fe6300"
Proxy-Connection keep-alive
User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:12.0) Gecko/20100101 Firefox/12.0
Browser headers (if used URL in browser)
Response Headers
Content-Length 808
Content-Type text/xml
Date Mon, 25 Jun 2012 17:31:54 GMT
x-amzn-RequestId a854ff13-beeb-11e1-b3ac-0147da731d96
Request Headers
Accept text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Encoding gzip, deflate
Accept-Language en-us,en;q=0.5
Connection keep-alive
DNT 1
Host sts.amazonaws.com
User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:12.0) Gecko/20100101 Firefox/12.0
I tried some code from http://www.html5rocks.com/en/tutorials/cors/ , but no luck
Any help is appreciated