git.asbjorn.biz / jquery.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 2d0bc7c)
Fixes #8423. Never set X-Requested-With header automagically for cross-domain requests.
authorjaubourg <j@ubourg.net>
Sun, 6 Mar 2011 23:42:09 +0000 (00:42 +0100)
committerjaubourg <j@ubourg.net>
Sun, 6 Mar 2011 23:42:09 +0000 (00:42 +0100)
src/ajax/xhr.js patch | blob | history

diff --git a/src/ajax/xhr.js b/src/ajax/xhr.js
index a6473dd..5dbc33d 100644 (file)
--- a/src/ajax/xhr.js
+++ b/src/ajax/xhr.js
@@ -92,11 +92,12 @@ if ( jQuery.support.ajax ) {
                                                xhr.overrideMimeType( s.mimeType );
                                        }
 
-                                       // Requested-With header
-                                       // Not set for crossDomain requests with no content
-                                       // (see why at http://trac.dojotoolkit.org/ticket/9486)
-                                       // Won't change header if already provided
-                                       if ( !( s.crossDomain && !s.hasContent ) && !headers["X-Requested-With"] ) {
+                                       // X-Requested-With header
+                                       // For cross-domain requests, seeing as conditions for a preflight are
+                                       // akin to a jigsaw puzzle, we simply never set it to be sure.
+                                       // (it can always be set on a per-request basis or even using ajaxSetup)
+                                       // For same-domain requests, won't change header if already provided.
+                                       if ( !s.crossDomain && !headers["X-Requested-With"] ) {
                                                headers[ "X-Requested-With" ] = "XMLHttpRequest";
                                        }
 
JQuery