Bug Tracker

Opened 13 years ago

Closed 13 years ago

#1987 closed bug (fixed)

.ajax with dataType: 'script' and type: 'POST' performs a GET Request

Reported by: developingchris Owned by:
Priority: minor Milestone: 1.2.2
Component: ajax Version: 1.2
Keywords: Cc:
Blocked by: Blocking:

Description (last modified by davidserduke)

I did the above test case based on your title and it appears to me a 'post' is done, not a 'get'. So based on the title I'd say this works for me. I still don't understand what the patch is supposed to do even if it didn't work so feel free to reopen the bug with more details and a new test case if it seems appropriate.

Attachments (3)

ajax_xdscript.patch (891 bytes) - added by developingchris 13 years ago.
patch to change cross domain script block to only execute on dataType xdscript
jquery_test.html (891 bytes) - added by davidserduke 13 years ago.
test case based on description
script.js (31 bytes) - added by davidserduke 13 years ago.
data for test case

Download all attachments as: .zip

Change History (8)

Changed 13 years ago by developingchris

Attachment: ajax_xdscript.patch added

patch to change cross domain script block to only execute on dataType xdscript

comment:1 Changed 13 years ago by davidserduke

need: ReviewTest Case

I'm thinking about this and I'm not sure I understand what the bug is. The title says if you have 'script' and 'post' then the code is doing a 'get'. But the proposed solution is to create a new type of dataType called 'xdscript'.

So what is the actual problem? How does the solution fix it? I think I'm missing something. Please attach a test case that demonstrates it if you can.

Changed 13 years ago by davidserduke

Attachment: jquery_test.html added

test case based on description

Changed 13 years ago by davidserduke

Attachment: script.js added

data for test case

comment:2 Changed 13 years ago by davidserduke

Description: modified (diff)
Priority: criticalmajor
Resolution: worksforme
Status: newclosed

comment:3 Changed 13 years ago by developingch

Resolution: worksforme
Status: closedreopened

Please modify your test to use a fully qaulified url. Since that is the #1 trigger to get to the XD scripting block. I have a site that uses https:// and subdomains for user accounts, so almost all urls must be fully qualified in order to avoid security warnings. When a protocol is passed in the url it will always be a GET, I am sorry that this wasn't in the original ticket.

comment:4 Changed 13 years ago by davidserduke

Based on my understanding of the jQuery ajax code, there are two basic ways that jQuery can request data. One is the XMLHttpRequest and the other is through a dynamically created <script> tag.

Unfortunately, the XMLHttpRequest specifically prohibits using a fully qualified domain (like http://www.example.com) by its same-origin security model.

That means all cross-domain ajax must be through the <script> tag and I'm not aware of a method to change the way a browser requests the script from a GET to a POST. I believe all your patch would do is throw an error when XMLHttpRequest gets a fully qualified domain.

I'll check to see if someone else has an idea but I suspect this will be closed again without a fix. If you have another idea feel free to post it here.

comment:5 Changed 13 years ago by davidserduke

need: Test CaseReview
Priority: majorminor
Resolution: fixed
Status: reopenedclosed

Fixed in [4106] such that any non-GET requests are passed on to XMLHttpRequest since a <script> type ajax request can only use GET.

Note: See TracTickets for help on using tickets.