[whatwg] Server-Sent Events and CORS

Anne van Kesteren annevk at opera.com
Mon Sep 5 01:44:16 PDT 2011

On Mon, 05 Sep 2011 10:42:07 +0200, Tomi <bosak.tomas at gmail.com> wrote:
> I was recently doing some experiments with Server-Sent Events
> technology and come to an issue when EventSource url resource is from
> a different origin (in my case different subdomain). When this happens
> Chrome 13 gives this:
> Uncaught Error: SECURITY_ERR: DOM Exception 18
> and Firefox 6 this:
> Firefox can't establish a connection to the server at ...url...
> In my case requested EventSource url resource is using CORS specific
> Access-Control-Allow-Origin header, but this doesn't help. So here
> comes my question: does Server-Sent Events EventSource meant to
> support CORS enabled url resource or this is a problem of browser
> vendors (or maybe some other problem which I'm not aware of). Thanks
> for your time and help.

Chrome implements an older version of the specification that had the wrong  
error handling. Soon browsers will handle CORS here though.

Anne van Kesteren

More information about the whatwg mailing list