diff options
| author | jaubourg <j@ubourg.net> | 2011-03-07 00:42:09 +0100 |
|---|---|---|
| committer | jaubourg <j@ubourg.net> | 2011-03-07 00:42:09 +0100 |
| commit | 6c124d3dd47fb399c7512c5c3b3420e438c32b65 (patch) | |
| tree | fc8b59a9f8debf20e76b78ff2c88abfce2533805 /src/ajax/xhr.js | |
| parent | 2d0bc7ce72ab8d64da0506a88c8cc543ce3ceaba (diff) | |
| download | jquery-6c124d3dd47fb399c7512c5c3b3420e438c32b65.tar.gz jquery-6c124d3dd47fb399c7512c5c3b3420e438c32b65.zip | |
Fixes #8423. Never set X-Requested-With header automagically for cross-domain requests.
Diffstat (limited to 'src/ajax/xhr.js')
| -rw-r--r-- | src/ajax/xhr.js | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/src/ajax/xhr.js b/src/ajax/xhr.js index a6473dd87..5dbc33d3f 100644 --- a/src/ajax/xhr.js +++ b/src/ajax/xhr.js @@ -92,11 +92,12 @@ if ( jQuery.support.ajax ) { xhr.overrideMimeType( s.mimeType ); } - // Requested-With header - // Not set for crossDomain requests with no content - // (see why at http://trac.dojotoolkit.org/ticket/9486) - // Won't change header if already provided - if ( !( s.crossDomain && !s.hasContent ) && !headers["X-Requested-With"] ) { + // X-Requested-With header + // For cross-domain requests, seeing as conditions for a preflight are + // akin to a jigsaw puzzle, we simply never set it to be sure. + // (it can always be set on a per-request basis or even using ajaxSetup) + // For same-domain requests, won't change header if already provided. + if ( !s.crossDomain && !headers["X-Requested-With"] ) { headers[ "X-Requested-With" ] = "XMLHttpRequest"; } |