Bug Tracker

Opened 13 years ago

Closed 13 years ago

Last modified 12 years ago

#8166 closed bug (wontfix)

$.getScript: sameDomain file:// requests fails in Chromium when using XHR

Reported by: ast@… Owned by: jaubourg
Priority: low Milestone: 1.5.1
Component: ajax Version: 1.5
Keywords: Cc:
Blocked by: Blocking:

Description

When doing same-domain file:// XHR Chromium spits out an 

XMLHttpRequest cannot load file://[...].js.
Origin null is not allowed by Access-Control-Allow-Origin.

The following patch is pullable from: git://git.asbjorn.biz/jquery.git getscript-fix 

ajax: script: Threat sameDomain file:// requests as crossDomain

Due to file:// XHR security measures in Chromium, dynamic loading
of scripts need to use the script tag injection hack.

Tested in Chromium 6.0.472.63, Firefox 3.6.7 and Konqueror 4.4.5

Signed-off-by: Asbjørn Sloth Tønnesen <ast@mugami.com>

  • src/ajax/script.js 

    diff --git a/src/ajax/script.js b/src/ajax/script.js
index 34ddd04..c80696c 100644
    a b jQuery.ajaxPrefilter( "script", function( s ) { 
    3030// Bind script tag hack transport
    3131jQuery.ajaxTransport( "script", function(s) {
    3232
    33         // This transport only deals with cross domain requests
    34         if ( s.crossDomain ) {
     33        // This transport primarily deals with cross domain requests
     34        // but also sameDomain request within file:// due to
     35        // http://code.google.com/p/chromium/issues/detail?id=4197 + 47416
     36        var local = location.protocol === 'file:'
     37        if ( s.crossDomain || local ) {
    3538
    3639                var script,
    3740                        head = document.head || document.getElementsByTagName( "head" )[0] || document.documentElement;

Related issues in Chromiums issue tracker:

Change History (8)

comment:1 Changed 13 years ago by Rick Waldron

Component: unfiledajax
Priority: undecidedhigh
Resolution: duplicate
Status: newclosed

comment:2 Changed 13 years ago by Rick Waldron

Duplicate of #8125.

comment:3 Changed 13 years ago by jitter

Milestone: 1.next1.5.1
Version: git1.5

comment:4 Changed 13 years ago by asbjornbiz

This is not a duplicate of #8125, that was fixed in git two days ago, my bug report was against git, not 1.5.

Testcases based on current git HEAD and HEAD+fix: http://asbjorn.it/pub/bugreports/jquery/6166-testcase.tar.bz2 to be run from local file:// context.

BTW: The patch had a minor error which has been fixed in git://git.asbjorn.biz/jquery.git getscript-fix

comment:5 Changed 13 years ago by jitter

Resolution: duplicate
Status: closedreopened

comment:6 Changed 13 years ago by jitter

Owner: set to jaubourg
Status: reopenedassigned

comment:7 Changed 13 years ago by jaubourg

Priority: highlow
Resolution: wontfix
Status: assignedclosed

If you wanna make sure every script requests are considered cross-domain, add the following prefilter: 

jQuery.ajaxPrefilter( "script", function( s ) {
    s.crossDomain = true;
} );
Last edited 13 years ago by jitter (previous) (diff)

comment:8 Changed 13 years ago by jitter

#8249 is a duplicate of this ticket.

Note: See TracTickets for help on using tickets.