Notas de Desarrollo

Google Loader Developer's Guide:

google.load(moduleName, moduleVersion, optionalSettings) allows you to call individual APIs by version.

optionalSettings specifies all optional configuration options for the API you are loading as a JavaScript? object literal. Different APIs have different options as listed in available APIs. The possible properties are:

  • callback: The function to call once the script has loaded. If using the Auto-loading feature, this must specify a function name, not a function reference.

Google Identity Platform Client-side (JavaScript) application

Visible signature in all pages

Sobre CORS

Cross-Domain Cookies

Cross-Domain Cookies

Para que las solicitudes de dominios cruzados funcionen es necesario habilitar CORS. En el caso de cookies se utiliza la política del mismo origen, en este sentido si se habilita CORS se pueden recibir y usar las cookies de un servidor B para establecer una sesión persistente desde el servidor A al servidor B.

En el servidor B se debe configurar el CORS para que responda Access-Control-Allow-Credentials: true en el encabezado de respuesta.

En el servidor A se debe utilizar la bandera withCredentials en todas las peticiones agregando xhrFields: {withCredentials: true}


  // The 'type' property sets the HTTP method.
  // A value of 'PUT' or 'DELETE' will trigger a preflight request.
  type: 'GET',

  // The URL to make the request to.
  url: '',

  // The 'contentType' property sets the 'Content-Type' header.
  // The JQuery default for this property is
  // 'application/x-www-form-urlencoded; charset=UTF-8', which does not trigger
  // a preflight. If you set this value to anything other than
  // application/x-www-form-urlencoded, multipart/form-data, or text/plain,
  // you will trigger a preflight request.
  contentType: 'text/plain',

  xhrFields: {
    // The 'xhrFields' property sets additional fields on the XMLHttpRequest.
    // This can be used to set the 'withCredentials' property.
    // Set the value to 'true' if you'd like to pass cookies to the server.
    // If this is enabled, your server must respond with the header
    // 'Access-Control-Allow-Credentials: true'.
    withCredentials: false

  headers: {
    // Set any custom headers here.
    // If you set any non-simple headers, your server must include these
    // headers in the 'Access-Control-Allow-Headers' response header.

  success: function() {
    // Here's where you handle a successful response.

  error: function() {
    // Here's where you handle an error response.
    // Note that if the error was due to a CORS issue,
    // this function will still fire, but there won't be any additional
    // information about the error.


En el caso de consumir recursos del servicio murachi con Ajax:

                //url: "",                
                url: "",
                type: "post",
                dataType: "json",
                data: formData,
                cache: false,
                contentType: false,                
				processData: false,
				// Set the value to 'true' if you'd like to pass cookies to the server.
				// If this is enabled, your server must respond with the header                
				// 'Access-Control-Allow-Credentials: true'.
				xhrFields: {withCredentials: true},
				headers: {"Authorization":"Basic YWRtaW46YWRtaW4="},
				success: function(response) {
						var html = manejoJsonPDF(JSON.stringify(response));
						//alert("ver respuesta")
						document.getElementById("respuesta").innerHTML = html;
Last modified 16 months ago Last modified on May 5, 2017, 11:08:10 AM