Branden Tanga
2010-Jul-21 12:16 UTC
rails partials violate javascripts "same origin policy"?
Hello, In my rails application.html.erb, I have in javascript, an ajax post call defined in a dom element''s click method. This ajax call works fine whenever I''m at a view that is a standard render. However, whenever I''m at anything that is rendered using a rails partial, I get a 405 "method not allowed" error on that ajax post. All my googling points to 405 errors commonly being caused by violating a brower''s "same origin policy" for javascript requests. Does doing an ajax request from a rails partial really cause a "same origin policy" violation? If so, why? -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Frederick Cheung
2010-Jul-21 13:30 UTC
Re: rails partials violate javascripts "same origin policy"?
On Jul 21, 1:16 pm, Branden Tanga <li...-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote:> Hello, > > In my rails application.html.erb, I have in javascript, an ajax post > call defined in a dom element''s click method. This ajax call works fine > whenever I''m at a view that is a standard render. However, whenever I''m > at anything that is rendered using a rails partial, I get a 405 "method > not allowed" error on that ajax post. All my googling points to 405 > errors commonly being caused by violating a brower''s "same origin > policy" for javascript requests. > > Does doing an ajax request from a rails partial really cause a "same > origin policy" violation? If so, why?if you try and break the same origin policy you shouldn''t get a 405 error - the request just doesn''t get made. Method not allowed means that the method of the http request (GET, POST etc...) isn''t one allowed by the server for that URI Fred> -- > Posted viahttp://www.ruby-forum.com/.-- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.
Branden Tanga
2010-Jul-22 05:23 UTC
Re: rails partials violate javascripts "same origin policy"?
Frederick Cheung wrote:> On Jul 21, 1:16�pm, Branden Tanga <li...-fsXkhYbjdPsEEoCn2XhGlw@public.gmane.org> wrote: >> Does doing an ajax request from a rails partial really cause a "same >> origin policy" violation? If so, why? > > if you try and break the same origin policy you shouldn''t get a 405 > error - the request just doesn''t get made. Method not allowed means > that the method of the http request (GET, POST etc...) isn''t one > allowed by the server for that URI > > FredHello, Would you have any pointers as to how I could research this further? Why would mongrel allow me to do an ajax post to /cart from /users, but the doing an ajax post to /cart from /users/new is not allowed? -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com. For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.