AnsweredAssumed Answered

Cross Origin Resource Sourcing (CORS) with Safari 5.1.7

Question asked by geonetadmin on May 16, 2012
Latest reply on May 20, 2012 by geonetadmin
Original User: sjones

Hi All

I have found an issue with the Javascript RIA Viewer when run against non-IE browsers (Safari 5.1.7). I don't think it is an ESRI thing because the same web viewer works fine with Internet Explorer 8 and Internet Explorer 9.

I have managed to narrow the issue down to CORS (Cross Origin Resource Sharing), which is supported by ESRI.

The workaround for flex and Silverlight RIA's  has been to ensure crossdomain.xml and clientaccesspolicy.xml exists in the www root of the server. This implementation does not work for the javascript viewer.

Tested Platforms
I have been testing on Windows Safari, a Mini Mac and an IPAD.

The Javascript Viewer handles the security with Internet explorer on the same windows machine.

Error Messaging returns the following.

Failed to load resource: the server responded with a status of 405 (Method Not Allowed)

XMLHttpRequest cannot load http://vm-svr155/HBRC.EV.RESTServices/Config/Download/HBRC. Origin http://localhost is not allowed by Access-Control-Allow-Origin.

Further debugging from Fiddler show

This request did not send any cookie data.

I have set up my web.config to include the client access policies and the requests to include Access-Control-Allow-Origin to be �??*�?�.

Apple devices are becoming popular field devices and should really need to be supported.

You�??ll see the html request is formed differently between the internet explorer and non-IE version.

Internet Explorer 9 �?? All Good
Safari 5.17 �?? Fails with Windows, Mini Mac and iPad

(Attached are the request logs from Fiddler)