webworker and xmlhttprequest use is causing an origin error

Question

I'm having some problems trying to get a background upload system working using WebWorkers and XHR.

On the server-side I'm using the python tornado web server. The handler for the url looks like:

class FileHandler(RequestHandler):

    def put(self,fileid):
        self.set_header('Access-Control-Allow-Origin', '*')
        ...

on the client side I'm using XHR (since I'm trying to get this working from a WebWorker). it looks like

uploadFile = (file,url) ->
    xhr = new XMLHttpRequest()
    xhr.open('PUT',url)
    xhr.onload = (event) ->
         ...
    xhr.send()

If I use this function from the main thread it works, but if I use it from my WebWorker it fails with a origin not allowed error, even though it seems like setting the 'Access-Control-Allow-Origin' to '*' should allow it to work.

Answer 1

OK, I got this to work by making some server side changes in my tornado code

class FileHandler(RequestHandler):

    def put(self,fileid):
        self.set_header('Access-Control-Allow-Origin', '*')
        ...

    def options(self,fileid):
        self.set_header('Access-Control-Allow-Origin', '*')
        self.set_header('Access-Control-Allow-Methods', 'GET, PUT, OPTIONS')

The options verb is needed to pass the appropriate header info during the negotion with the client's XHR request. I also needed to resend the headers in the actual response, otherwise it still failed. Would be interested in any comments that further explain the situation as my understanding of this "fix" is shaky.