Safari fails CORS request after 302 redirect

Question

I have problem with the way Safari handles CORS requests. Consider following scenario:

1. DomainA hosts a page which makes a XHR request to DomainB (origin header

Answer 1

I was experiencing this issue as well and found this bug from 2012 that appears to be describing it. Running the test code referenced in the bug in FF / Chrome / Safari yielded failures only in Safari. It appears that the bug has not been patched.

Ultimately to get around this, I modified our HTTP API to add an optional query parameter to trigger a different response that returned a 200 OK with a JSON body containing the url that the client was to follow. Unfortunately if you're a consumer of someone else's HTTP API this won't help much.