Skip to content

Instantly share code, notes, and snippets.

@liester
liester / XMLHttpRequest Hell
Created December 29, 2016 20:18
I'm trying to figure out why if I use line 24, which the ?access_token included in the URL, everything is fine. But if I try to use the Authorization header on the XMLHttpRequest it get a 403 from api.genius.com
<script>
// Create the XHR object.
function createCORSRequest(method, url, authorizationToken) {
var xhr = new XMLHttpRequest();
if ("withCredentials" in xhr) {
// XHR for Chrome/Firefox/Opera/Safari.
xhr.open(method, url, true);
xhr.setRequestHeader("Authorization", authorizationToken);
} else if (typeof XDomainRequest != "undefined") {
-8
-13
+17
+7
+12
-18
+19
+14
-19
+16