Ticket #4462 (closed enhancement: fixed)
allow for signing json/jsonp urls via an additional callback paramater to $.ajax
| Reported by: | woody@… | Owned by: | |
|---|---|---|---|
| Priority: | high | Milestone: | 1.5 |
| Component: | ajax | Version: | 1.4.4 |
| Keywords: | Cc: | ||
| Blocking: | Blocked by: | #5500 |
Description
It would be great to have for all $.ajax variants, but in particular for jsonp, it is not possible to use signed url schemes with the current url construction mechanism. In particular, the actual url is constructed deep inside the ajax function, and thus cannot be properly signed by the caller.
I propose adding a callback function the ajax method (and all variants) that accepts the url as it is about to be used, and allows the developer to return a new url, namely in this case, one that is signed. I could envision concerns, and would accept returning only a mapping of key/values that would be added to the end of the url, so as to not modify the existing url.
Either of these mechanisms would allow for me to sign a request with a shared secret and make a json/jsonp call with a proper signature of the url.
Change History
Please follow the bug reporting guidlines and use jsFiddle when providing test cases and demonstrations instead of pasting the code in the ticket.
When/if .beforeSend() is implemented for JSONP requests it would be possible to sign/modify the url there.