Dojo's xhrPost & Firefox

I have a login script that sends username/password as json to a server. It uses POST so on the client-side it's done with xhrPost. The problem is that when I try to login with Firefox, browser doesn't make POST request but instead it makes OPTIONS request and doesn't actually send any parameters. Code POSTs great in Chrome & Safari so there's definitely something going on with Firefox. Login server is on different IP:port so it's cross-domain request, I don't know if that matters.

Here's the code:

dojo.xhrPost({
    url: settings().get('login_server'),
    postData: dojo.toJson({username:user,password:pass}),
    handl开发者_开发知识库eAs: 'json',
    headers: { "Content-Type": "application/json", "Accept": "application/json"},
    load: function(data,status) { ... },
    error: function(error,status) { ... }
})

You cannot reliably use XMLHttpRequest across browsers to do a cross-domain post unless the server supports HTTP access control. That is why Dojo is doing an OPTIONS request, to check for the Access-Control-Allow-Origin header.

You can use dojo.io.iframe to POST to another domain, but checking for successful completion isn't possible unless the login endpoint returns a specially formatted page (basically containing JSON inside a textarea).

Browsers that support XMLHttpRequest Level 2 can make cross-domain requests. That is why it works in Chrome/Safari, etc.