Skip to content
Permalink
Browse files

Fixes #8423. Never set X-Requested-With header automagically for cros…

…s-domain requests.
  • Loading branch information...
jaubourg committed Mar 6, 2011
1 parent 2d0bc7c commit 6c124d3dd47fb399c7512c5c3b3420e438c32b65
Showing with 6 additions and 5 deletions.
  1. +6 −5 src/ajax/xhr.js
@@ -92,11 +92,12 @@ if ( jQuery.support.ajax ) {
xhr.overrideMimeType( s.mimeType );
}

// Requested-With header
// Not set for crossDomain requests with no content
// (see why at http://trac.dojotoolkit.org/ticket/9486)
// Won't change header if already provided
if ( !( s.crossDomain && !s.hasContent ) && !headers["X-Requested-With"] ) {
// X-Requested-With header
// For cross-domain requests, seeing as conditions for a preflight are
// akin to a jigsaw puzzle, we simply never set it to be sure.
// (it can always be set on a per-request basis or even using ajaxSetup)
// For same-domain requests, won't change header if already provided.
if ( !s.crossDomain && !headers["X-Requested-With"] ) {
headers[ "X-Requested-With" ] = "XMLHttpRequest";
}

0 comments on commit 6c124d3

Please sign in to comment.
You can’t perform that action at this time.