Fixes #8423. Never set X-Requested-With header automagically for cross-domain requests.

This commit is contained in:
jaubourg 2011-03-07 00:42:09 +01:00
parent 2d0bc7ce72
commit 6c124d3dd4

View File

@ -92,11 +92,12 @@ if ( jQuery.support.ajax ) {
xhr.overrideMimeType( s.mimeType ); xhr.overrideMimeType( s.mimeType );
} }
// Requested-With header // X-Requested-With header
// Not set for crossDomain requests with no content // For cross-domain requests, seeing as conditions for a preflight are
// (see why at http://trac.dojotoolkit.org/ticket/9486) // akin to a jigsaw puzzle, we simply never set it to be sure.
// Won't change header if already provided // (it can always be set on a per-request basis or even using ajaxSetup)
if ( !( s.crossDomain && !s.hasContent ) && !headers["X-Requested-With"] ) { // For same-domain requests, won't change header if already provided.
if ( !s.crossDomain && !headers["X-Requested-With"] ) {
headers[ "X-Requested-With" ] = "XMLHttpRequest"; headers[ "X-Requested-With" ] = "XMLHttpRequest";
} }