Chrome 5 refused to get unsafe header xjson


nige...@googlemail.com

Sep 15, 2010, 7:28:56 AM
to Prototype & script.aculo.us
I have the following request in my app. It works fine in Safari 5.

new Ajax.Request('http://x.x.x.x:3000/posts.js',
    {
        method: 'get',
        requestHeaders: {Accept: 'application/json'},
        onSuccess: function(transport){
            var response = transport.responseText;
            var posts = response.evalJSON();
            // etc....
        }
    });

In Chrome 5 I get the error Refused to get unsafe header "X-JSON".

When I point the Chrome browser at my url json is returned but with
the warning:
Resource interpreted as document but transferred with MIME type text/javascript.

The content type in the request is application/x-www-form-urlencoded.

Any ideas?

Nige

Richard Quadling

Sep 15, 2010, 9:21:36 AM
to prototype-s...@googlegroups.com

What type is the response for http://x.x.x.x:3000/posts.js?

--
Richard Quadling
Twitter : EE : Zend
@RQuadling : e-e.com/M_248814.html : bit.ly/9O8vFY

nige...@googlemail.com

Sep 15, 2010, 11:17:27 AM
to Prototype & script.aculo.us
Thanks for response Richard. Not sure exactly what you mean.

The response from the server when I key in the url directly to chrome
is a json array/hash of previously entered data:

[{"post":{"device":"palm","location":"dublin","created_at":"2010-09-09T06:03:58Z","updated_at":"2010-09-09T06:03:58Z","nickname":"nige","level":82,"id":1,"devid":"001000230","score":200,"message":"my score sucks"}},
{"post":{"device":"iphone","location":"london","created_at":"2010-09-09T17:13:20Z","updated_at":"2010-09-09T17:13:20Z","nickname":"greg","level":54,"id":2,"devid":"465465468","score":6000,"message":"Check it out. Love this game!!"}}]

Matches what I entered. So that's ok.

The server is a Rails server. Webrick outputs the following when I use
the code from my first post:

Processing ApplicationController#index (for y.y.y.221 at 2010-09-15 14:59:22) [OPTIONS]

But by directly keying in the url to chrome Rails responds with:

Processing PostsController#index to js (for y.y.y.221 at 2010-09-15 15:01:16) [GET]

It's like the request is not understood by Rails. Or it is malformed
somehow. It doesn't get it's a GET request and bypasses the
PostsController.





Richard Quadling

Sep 15, 2010, 1:13:14 PM
to prototype-s...@googlegroups.com
On 15 September 2010 16:17, nige...@googlemail.com
>> What type is the response for http://x.x.x.x:3000/posts.js


But what are the HTTP headers?

In PHP ...

// Send X-JSON / application/json headers and content if possible.
if (!headers_sent())
{
    if (False !== $a_JSON['Header'])
    {
        $a_JSON['Header']['Queries'] = $a_Query;
        $a_JSON['Header']['Session'] = $_SESSION;
        header('X-JSON: ' . json_encode($a_JSON['Header']));
    }
    if (False !== $a_JSON['Detail'])
    {
        header('Content-type: application/json');
        sort($a_JSON['Detail']);
        echo json_encode($a_JSON['Detail']);
    }
}

From that, in JavaScript, I can use ...

response.headerJSON and response.responseJSON

Without the headers, things don't work properly as the browser assumes
it is text or html coming down the line.

nige...@googlemail.com

Sep 16, 2010, 6:21:27 AM
to Prototype & script.aculo.us
Thanks Richard.

I'm just using the render json option in Rails. I don't know how to
query header contents.

Using curl I get:
HTTP/1.1 200 OK
Etag: "c420691e7608d694896d67415bec23d7"
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8
Date: Thu, 16 Sep 2010 09:51:10 GMT
Server: WEBrick/1.3.1 (Ruby/1.8.7/2010-01-10)
X-Runtime: 114
Content-Length: 2062
Cache-Control: private, max-age=0, must-revalidate

This is the header right?

What do I need to do with this?

Nigel




Richard Quadling

Sep 16, 2010, 8:46:05 AM
to prototype-s...@googlegroups.com
On 16 September 2010 11:21, nige...@googlemail.com
<nige...@googlemail.com> wrote:
> Content-Type: application/json;

That's the important bit.

So, now your JSON data will be in ...

transport.responseJSON

You don't need to evalJS() as JSON is JS.

nige...@googlemail.com

Sep 16, 2010, 3:42:46 PM
to Prototype & script.aculo.us
Still not working in Chrome. Still getting the same error.

I tried with transport.responseJSON and transport.headerJSON.

The only positive difference is that the rails webrick server now
shows the request going to the correct controller and it executes the
query. It was not doing this before.

This is very annoying,

I appreciate your help Richard.




nige...@googlemail.com

Sep 17, 2010, 11:52:10 AM
to Prototype & script.aculo.us
I think I'm being caught out by the SOP.

My app is a phonegap app and so its domain is the client machine so
to speak.

When I try to talk to the server from the client Chrome enforces the
SOP. The status of the transport object is 0 in Chrome debugger.

I'm looking at jsonp solutions. My understanding is that you need
Rails to render

function myFunc () { return JSON }

i.e. you're just downloading a js file that contains your JSON.

Once downloaded the myFunc can be called and the JSON returned.

What's a simple way to manipulate the render json output in rails to
get jsonp?

Nigel


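
For the JSONP approach raised in the last post, the wrapper has to treat the callback name as untrusted input, because the server echoes it into script that the requesting page executes. The Ruby below is an added example, not code from the thread or from Rails; `jsonp_body`, `CALLBACK_RE` and the sample posts are assumptions made for illustration.

```ruby
require 'json'

# Added example, not code from the thread. jsonp_body, CALLBACK_RE and
# SAMPLE_POSTS are hypothetical names; the post data is constructed.

# A JSONP response is script, so it is served with a JavaScript MIME type.
JSONP_CONTENT_TYPE = 'application/javascript; charset=utf-8'

# Plain or dotted JavaScript identifier, ASCII only, bounded length.
# \A and \z anchor the whole string; ^ and $ match per line in Ruby and
# would accept a valid first line followed by arbitrary text.
CALLBACK_RE = /\A[A-Za-z_$][\w$]{0,63}(?:\.[A-Za-z_$][\w$]{0,63})*\z/

class InvalidCallback < ArgumentError; end

# Wrap data as callback(<json>); after validating the caller-supplied name.
def jsonp_body(callback, data)
  unless callback.is_a?(String) && callback.match?(CALLBACK_RE)
    raise InvalidCallback, 'callback must be a JavaScript identifier'
  end

  json = JSON.generate(data)
  # U+2028/U+2029 are valid inside JSON strings but were line terminators in
  # JavaScript source before ES2019, so emit them as \uXXXX escapes.
  json = json.gsub(/[\u2028\u2029]/) { |c| format('\u%04x', c.ord) }
  # "</" could end an enclosing <script> element if the body is ever inlined.
  json = json.gsub('</') { '<\/' }

  # The leading comment keeps the requester-chosen name from being the first
  # bytes of the response.
  "/**/#{callback}(#{json});"
end

SAMPLE_POSTS = [
  { 'post' => { 'nickname' => 'nige', 'score' => 200, 'message' => 'my score sucks' } },
  { 'post' => { 'nickname' => 'greg', 'score' => 6000,
                'message' => "Check it out.</script>\u2028Love this game!!" } }
].freeze

if __FILE__ == $PROGRAM_NAME
  puts JSONP_CONTENT_TYPE
  puts jsonp_body('myFunc', SAMPLE_POSTS)
end
```

Rails' `render :json` accepts a `:callback` option that performs the wrapping; validating the name first, as above, keeps a request parameter from being reflected into executable script.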