Side navigation
#1987 closed bug (fixed)
Opened November 28, 2007 05:14PM UTC
Closed December 11, 2007 08:18PM UTC
.ajax with dataType: 'script' and type: 'POST' performs a GET Request
| Reported by: | developingchris | Owned by: | |
|---|---|---|---|
| Priority: | minor | Milestone: | 1.2.2 |
| Component: | ajax | Version: | 1.2 |
| Keywords: | Cc: | ||
| Blocked by: | Blocking: |
Description
I did the above test case based on your title and it appears to me a 'post' is done, not a 'get'. So based on the title I'd say this works for me. I still don't understand what the patch is supposed to do even if it didn't work so feel free to reopen the bug with more details and a new test case if it seems appropriate.
Attachments (3)
Change History (5)
Changed November 30, 2007 01:47AM UTC by comment:1
| need: | Review → Test Case |
|---|
Changed November 30, 2007 01:57AM UTC by comment:2
| description: | → I did the above test case based on your title and it appears to me a 'post' is done, not a 'get'. So based on the title I'd say this works for me. I still don't understand what the patch is supposed to do even if it didn't work so feel free to reopen the bug with more details and a new test case if it seems appropriate. |
|---|---|
| priority: | critical → major |
| resolution: | → worksforme |
| status: | new → closed |
Changed December 07, 2007 08:02PM UTC by comment:3
| resolution: | worksforme |
|---|---|
| status: | closed → reopened |
Please modify your test to use a fully qaulified url. Since that is the #1 trigger to get to the XD scripting block. I have a site that uses https:// and subdomains for user accounts, so almost all urls must be fully qualified in order to avoid security warnings. When a protocol is passed in the url it will always be a GET, I am sorry that this wasn't in the original ticket.
Changed December 10, 2007 05:26PM UTC by comment:4
Based on my understanding of the jQuery ajax code, there are two basic ways that jQuery can request data. One is the XMLHttpRequest and the other is through a dynamically created <script> tag.
Unfortunately, the XMLHttpRequest specifically prohibits using a fully qualified domain (like http://www.example.com) by its same-origin security model.
That means all cross-domain ajax must be through the <script> tag and I'm not aware of a method to change the way a browser requests the script from a GET to a POST. I believe all your patch would do is throw an error when XMLHttpRequest gets a fully qualified domain.
I'll check to see if someone else has an idea but I suspect this will be closed again without a fix. If you have another idea feel free to post it here.
Changed December 11, 2007 08:18PM UTC by comment:5
| need: | Test Case → Review |
|---|---|
| priority: | major → minor |
| resolution: | → fixed |
| status: | reopened → closed |
Fixed in [4106] such that any non-GET requests are passed on to XMLHttpRequest since a <script> type ajax request can only use GET.
I'm thinking about this and I'm not sure I understand what the bug is. The title says if you have 'script' and 'post' then the code is doing a 'get'. But the proposed solution is to create a new type of dataType called 'xdscript'.
So what is the actual problem? How does the solution fix it? I think I'm missing something. Please attach a test case that demonstrates it if you can.