XMLHttpRequest setRequestHeader and Referer header

[Artem Krylysov]

Hi, i'm trying to set Referer header in AJAX call from background
page, but it doesn't work :(

var req = new XMLHttpRequest();
req.open('GET', 'http://test1.com/', true);
req.setRequestHeader('Referer', 'http://test2.com/');
req.send(null);

what's wrong?

[Adam Barth]

Setting the Referer header is blocked for security reasons:

http://www.w3.org/TR/XMLHttpRequest/#the-setrequestheader-method

Adam

> --
> You received this message because you are subscribed to the Google Groups "Chromium-extensions" group.
> To post to this group, send email to chromium-...@chromium.org.
> To unsubscribe from this group, send email to chromium-extens...@chromium.org.
> For more options, visit this group at http://groups.google.com/a/chromium.org/group/chromium-extensions/?hl=en.
>
>

[Jeremiah Heisenberg]

Hey man, how do you explain tampermonkey then? Works completly fine with it. 

Am Dienstag, 7. September 2010 23:14:05 UTC+2 schrieb Adam Barth:

Setting the Referer header is blocked for security reasons:

http://www.w3.org/TR/XMLHttpRequest/#the-setrequestheader-method

Adam

On Tue, Sep 7, 2010 at 11:12 AM, Artem Krylysov <kad...@gmail.com> wrote:
> Hi, i'm trying to set Referer header in AJAX call from background
> page, but it doesn't work :(
>
> var req = new XMLHttpRequest();
> req.open('GET', 'http://test1.com/', true);
> req.setRequestHeader('Referer', 'http://test2.com/');
> req.send(null);
>
> what's wrong?
>
> --
> You received this message because you are subscribed to the Google Groups "Chromium-extensions" group.
> To post to this group, send email to chromium-...@chromium.org.

> To unsubscribe from this group, send email to chromium-extensions+unsub...@chromium.org.