CORS - Using AJAX to post on a Python (webapp2) web service

Question

This is going to be long:

Ok so I\'m developing a google calendar gadget which sends requests to a Python webapp2 REST api hosted on Google App Engine.

The p

Answer 1

I just want to point out a detail that might help others:

Browsers differ in how they handle the "Access-Control-Allow-Orgin" header. For example, I found that Chrome blocks cross domain posts when the header value is a wildcard (*) as in the solution code above. It considers it too liberal and wants a specific origin. Yet, other browsers such as IE and FireFox did not care.

So if you want to build a cross browser solution it would be best set the value of "Access-Control-Allow-Origin" to the Origin value sent with the request.

If you're using SSL then you'll encounter some other differences that will need to be tested as well.

And if you need a lightweight solution this can all be done with POJS (plain-old-JavaScript) without resorting to jQuery. Just wire up the window.XDomainRequest for IE8+ and the window.XMLHttpRequest for other browsers and you're in business.