Access Control - Calling Agent from a web app

When calling my Agent via POST from javascript on my website I am getting no response from Firefox and a warning each time from Explorer “This page is accessing information that is not under its control. This…” Can anyone explain the correct protocol for doing this please?

Assume you are running the web page from your web site then connecting to Agent? Do you run FireBug? Are you using a HTML Form POST or using JavaScript?

My webpage is calling imp agent (not on same domain). I am using javascript. and I can invoke using: “”, “POST” )
XMLHttpRequest.setRequestHeader( “Origin”, “http://www.mywebdomain” )
XMLHttpRequest.setRequestHeader( “Content-Length”, “12” )
XMLHttpRequest.setRequestHeader( "Content-Type, “application/x-www-form-urlencoded” )

and in an agent I use:

    res.header( "Access-Control-Allow-Origin", "http://www.mywebdomain" );        
    res.header( "Access-Control-Allow-Methods", "POST" );
    res.header( "Access-Control-Allow-Headers", "Content-Type" );
    res.header( "Access-Control-Allow-Headers", "Content-length");
    res.send( 200, "The temperature at home is " + format( "%3.1fC", msg.temperature ) );

And this is partialy working in Firefox (no XML Headers returned), but gives warning in Explorer and then works.

Does using a wild card work?
res.header(“Access-Control-Allow-Origin: *”);
Have you missed the colon: at the end of each Origin,Methods etc

Yes wildcard works in exactly the same way as domain. Yes I have missed the colons, think the IMP commands are inserting these as it fails completly if i put them in?

Sure this is something realy simple. Its just not jumping out at me.

I don’t know whether it’s related to your actual problem, but this isn’t going to do what you expect:res.header( "Access-Control-Allow-Headers", "Content-Type" ); res.header( "Access-Control-Allow-Headers", "Content-length");

The agent HTTP implementation doesn’t deal with repeated headers. You need to combine those into a single header:res.header( "Access-Control-Allow-Headers", "Content-Type, Content-length");