Bug Tracker

Opened 13 years ago

Closed 12 years ago

Last modified 11 years ago

#5955 closed bug (fixed)

datatype=jsonp is ignored if request is local

Reported by: nickjohnson Owned by: jaubourg
Priority: high Milestone: 1.5
Component: ajax Version: 1.4.1
Keywords: ajaxrewrite Cc:
Blocked by: Blocking:


When making a jQuery.ajax request with datatype=jsonp, or a jQuery.getJSON request with a callback parameter, jQuery ignores the jsonp parameter and always uses an XHR if the request is not crossdomain. The culprit is here: http://github.com/jquery/jquery/blob/master/src/ajax.js#L292

This is a problem if the local URL is known to return a crossdomain 302 redirect, as is the case in our situation: We want the client to make OAuth authenticated calls to the twitter API, but the client can't do the signing (and shouldn't know the oauth secrets in any case), so we handle this by having jQuery request a local URL, which assembles the signed URL and returns it as a redirect. Since jQuery picks the callback function name, we can't do this as separate requests or by precalculating the URL, either.

Change History (6)

comment:1 Changed 13 years ago by iraebrasil

I agree completely with this being a bug. In the past I had issues with that too, but fixed in the server side, but would be much better if jQuery handled this better.

Here is a proposal to fix this issue, including one new unit test: http://github.com/irae/jquery/commit/df635fcb6dc7b47bf2f15b8b26f6a73d8bfa5210


comment:2 Changed 12 years ago by dmethvin

Priority: majorhigh
Status: newopen

comment:3 Changed 12 years ago by Rick Waldron

Keywords: ajaxrewrite added

comment:4 Changed 12 years ago by jaubourg

Owner: set to jaubourg
Status: openassigned

DataType "jsonp" is not ignored at all. Ajax simply uses the best available transport (ie the one with the best error handling capabilities).

The case where you request a same-domain url that redirects to a cross-domain one shouldn't force all other valid usages of same-domain script ot jsonp requests to use script tags.

Since the rewrite there's an internally computed option called "crossDomain". I think the best way to deal with this kind of situation is to only compute crossDomain if no truish value has already been provided for it in the options. That way, you can force a same-domain request to be considered cross-domain (and handle cross-domain redirection) while not forcing a less reliable transport on all other same-domain requests.

comment:5 Changed 12 years ago by jaubourg

Resolution: fixed
Status: assignedclosed

Fixes #5955. Option crossDomain now forces ajax to consider a request as cross-domain even when it is not. Useful for when servers issue redirects to cross-domain urls. Unit test added.

Changeset: 5a5f67800b048ae274e644547f4b8e03156ffa49

comment:6 Changed 12 years ago by jitter


Move fixed tickets to appropriate milestone

Note: See TracTickets for help on using tickets.