I have GWT application that uses CORS and sets cookies. It works fine in Chrome, Firefox, Opera, but in IE10 (Version 10.0.9200.16521) I get this error:
SCRIPT5022: com.google.gwt.core.client.JavaScriptException: (InvalidStateError)
code: 11
ABORT_ERR: 20
DATA_CLONE_ERR: 25
DOMSTRING_SIZE_ERR: 2
HIERARCHY_REQUEST_ERR: 3
INDEX_SIZE_ERR: 1
INUSE_ATTRIBUTE_ERR: 10
INVALID_ACCESS_ERR: 15
INVALID_CHARACTER_ERR: 5
INVALID_MODIFICATION_ERR: 13
INVALID_NODE_TYPE_ERR: 24
INVALID_STATE_ERR: 11
NAMESPACE_ERR: 14
NETWORK_ERR: 19
NOT_FOUND_ERR: 8
NOT_SUPPORTED_ERR: 9
NO_DATA_ALLOWED_ERR: 6
NO_MODIFICATION_ALLOWED_ERR: 7
PARSE_ERR: 81
QUOTA_EXCEEDED_ERR: 22
SECURITY_ERR: 18
SERIALIZE_ERR: 82
SYNTAX_ERR: 12
TIMEOUT_ERR: 23
TYPE_MISMATCH_ERR: 17
URL_MISMATCH_ERR: 21
VALIDATION_ERR: 16
WRONG_DOCUMENT_ERR: 4: InvalidStateError
B3D7C8F35C000AA1ADFE700845710C1A.cache.html, line 1102 character 7
I see that the error is thrown when this is execute:
xhr.withCredentials = true;
Here is GWT javascript code:
function create_3(){
var xhr;
if ($wnd.XMLHttpRequest) {
xhr = new $wnd.XMLHttpRequest;
}
else {
try {
xhr = new $wnd.ActiveXObject('MSXML2.XMLHTTP.3.0');
}
catch (e) {
xhr = new $wnd.ActiveXObject('Microsoft.XMLHTTP');
}
}
xhr.withCredentials = true;
return xhr;
}
I found this post: Make a CORS request in IE9 with cookies?
However I upgraded to IE10 and it didn't make any difference.
Anyone else experiencing similar problem?
I had a similar problem (using CORS in general, not specifically GWT). It turned out that the browser settings were blocking third-party cookies (IE10 > Internet Options > Privacy > Advanced > Third Party Cookies > Accept). To solve the problem, I checked "Override automatic cookie handling", "Accept" (Third-party Cookies) and "Always allow session cookies."
Asking users to reconfigure their browsers to allow all 3rd party cookies isn't likely to be successful. The proper fix here is to ensure that the target 3rd-party resource has a P3P policy which is acceptable for use on resources used in 3rd party contexts. http://blogs.msdn.com/b/ieinternals/archive/2013/09/17/simple-introduction-to-p3p-cookie-blocking-frame.aspx
来源:https://stackoverflow.com/questions/15626965/cors-doesnt-work-with-cookies-in-ie10