I am using the forcetk proxy so that I can send AJAX requests and not have to worry about the cross domain restrictions.

The sequence is:

1. I am on page in myapp.

   myapp.na9.visual.force.com/apex/OpportunityMap?id=a0AE0000007S5OyMAK

2. I want to send ajax rest request to

   https://na9.salesforce.com/services/data/v20.0/query/?q=SELECT+Id,Name,FirstName,LastName+FROM+User+WHERE+Id+IN+BLAH+BLAH ...

But I can't. So I go thru the forcetk proxy which sends request to:

myapp.na9.visual.force.com/services/proxy?_=1366822377588

with the header:

Saleforce endpoing: na9.salesforce.com/services/data/v20.0/query/?q=SELECT+Id,Name,FirstName,LastName+FROM+User+WHERE+Id+IN+BLAH+BLAH ...

All super. However, if the session has timed out a 302 is returned. I see this in fiddler. The location header is back to salesforce page.

Location: https://na9.salesforce.com/visualforce/s...

This is fair enough. Salesforce is trying to redirect you to the login page because your login has timed out.

However, this HTTP response is never returned to the actual page. It looks like both IE and firefox detect that this is a cross domain restriction threat. Why? Because the original page that made the ajax request is in a different domain. This is fair enough. Why should a browser let a redirected ajax request go to another domain? This is a violation of cross domain restrictions.

Now, forcetk makes cross domain requests possible for ajax requests in the first place. But it does not seem to be able to handle redirects that go to the same domain the service endpoint is actually on. I am wondering is there any way it could be expanded or if there is anything I could do to be able to get around this?

Currently, if you are using forcetk you can't really deal with with AJAX requests when your session times out.