mirror of
https://github.com/jquery/jquery.git
synced 2024-11-23 02:54:22 +00:00
Fixes #8423. Never set X-Requested-With header automagically for cross-domain requests.
This commit is contained in:
parent
2d0bc7ce72
commit
6c124d3dd4
@ -92,11 +92,12 @@ if ( jQuery.support.ajax ) {
|
|||||||
xhr.overrideMimeType( s.mimeType );
|
xhr.overrideMimeType( s.mimeType );
|
||||||
}
|
}
|
||||||
|
|
||||||
// Requested-With header
|
// X-Requested-With header
|
||||||
// Not set for crossDomain requests with no content
|
// For cross-domain requests, seeing as conditions for a preflight are
|
||||||
// (see why at http://trac.dojotoolkit.org/ticket/9486)
|
// akin to a jigsaw puzzle, we simply never set it to be sure.
|
||||||
// Won't change header if already provided
|
// (it can always be set on a per-request basis or even using ajaxSetup)
|
||||||
if ( !( s.crossDomain && !s.hasContent ) && !headers["X-Requested-With"] ) {
|
// For same-domain requests, won't change header if already provided.
|
||||||
|
if ( !s.crossDomain && !headers["X-Requested-With"] ) {
|
||||||
headers[ "X-Requested-With" ] = "XMLHttpRequest";
|
headers[ "X-Requested-With" ] = "XMLHttpRequest";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user