gwt - CORS doesn't work with cookies in IE10

Question

I have GWT application that uses CORS and sets cookies. It works fine in Chrome, Firefox, Opera, but in IE10 (Version 10.0.9200.16521) I get this error:

SCRIPT5022: com.google.gwt.core.client.JavaScriptException: (InvalidStateError) 
 code: 11
 ABORT_ERR: 20
 DATA_CLONE_ERR: 25
 DOMSTRING_SIZE_ERR: 2
 HIERARCHY_REQUEST_ERR: 3
 INDEX_SIZE_ERR: 1
 INUSE_ATTRIBUTE_ERR: 10
 INVALID_ACCESS_ERR: 15
 INVALID_CHARACTER_ERR: 5
 INVALID_MODIFICATION_ERR: 13
 INVALID_NODE_TYPE_ERR: 24
 INVALID_STATE_ERR: 11
 NAMESPACE_ERR: 14
 NETWORK_ERR: 19
 NOT_FOUND_ERR: 8
 NOT_SUPPORTED_ERR: 9
 NO_DATA_ALLOWED_ERR: 6
 NO_MODIFICATION_ALLOWED_ERR: 7
 PARSE_ERR: 81
 QUOTA_EXCEEDED_ERR: 22
 SECURITY_ERR: 18
 SERIALIZE_ERR: 82
 SYNTAX_ERR: 12
 TIMEOUT_ERR: 23
 TYPE_MISMATCH_ERR: 17
 URL_MISMATCH_ERR: 21
 VALIDATION_ERR: 16
 WRONG_DOCUMENT_ERR: 4: InvalidStateError 
B3D7C8F35C000AA1ADFE700845710C1A.cache.html, line 1102 character 7

I see that the error is thrown when this is execute:

xhr.withCredentials = true;

Here is GWT javascript code:

function create_3(){
  var xhr;
  if ($wnd.XMLHttpRequest) {
    xhr = new $wnd.XMLHttpRequest;
  }
   else {
    try {
      xhr = new $wnd.ActiveXObject('MSXML2.XMLHTTP.3.0');
    }
     catch (e) {
      xhr = new $wnd.ActiveXObject('Microsoft.XMLHTTP');
    }
  }
  xhr.withCredentials = true;
  return xhr;
}

I found this post: Make a CORS request in IE9 with cookies?

However I upgraded to IE10 and it didn't make any difference.

Anyone else experiencing similar problem?

Answer 1

I had a similar problem (using CORS in general, not specifically GWT). It turned out that the browser settings were blocking third-party cookies (IE10 > Internet Options > Privacy > Advanced > Third Party Cookies > Accept). To solve the problem, I checked "Override automatic cookie handling", "Accept" (Third-party Cookies) and "Always allow session cookies."