Permalink
Browse files

Merge pull request #2486 from vimeo/master

Add option to trigger xhr.withCredentials without http auth
  • Loading branch information...
ibolmo committed Jun 30, 2014
2 parents 2c72ef2 + 595356f commit ccc36c24b20878e6b76d243beab1a4ebab38e33d
Showing with 41 additions and 3 deletions.
  1. +2 −1 Docs/Request/Request.md
  2. +3 −2 Source/Request/Request.js
  3. +36 −0 Specs/Request/Request.js
View
@@ -35,8 +35,9 @@ An XMLHttpRequest Wrapper.
* isSuccess - (*function*) Overrides the built-in isSuccess function.
* evalScripts - (*boolean*: defaults to *false*) If set to true, `script` tags inside the response will be evaluated.
* evalResponse - (*boolean*: defaults to *false*) If set to true, the entire response will be evaluated. Responses with javascript content-type will be evaluated automatically.
* user - (*string*: defaults to *null*) When username is set the Request will open with credentials and try to authenticate.
* user - (*string*: defaults to *null*) The username to use for http basic authentication.
* password - (*string*: defaults to *null*) You can use this option together with the `user` option to set authentication credentials when necessary. Note that the password will be passed as plain text and is therefore readable by anyone through the source code. It is therefore encouraged to use this option carefully
* withCredentials - (*boolean*: defaults to *false*) If set to true, xhr.withCredentials will be set to true allowing cookies/auth to be passed for cross origin requests
### Events:
@@ -34,7 +34,8 @@ var Request = this.Request = new Class({
onException: function(headerName, value){},
onTimeout: function(){},
user: '',
password: '',*/
password: '',
withCredentials: false,*/
url: '',
data: '',
headers: {
@@ -197,7 +198,7 @@ var Request = this.Request = new Class({
}
xhr.open(method.toUpperCase(), url, this.options.async, this.options.user, this.options.password);
if (this.options.user && 'withCredentials' in xhr) xhr.withCredentials = true;
if ((/*<1.4compat>*/this.options.user || /*</1.4compat>*/this.options.withCredentials) && 'withCredentials' in xhr) xhr.withCredentials = true;
xhr.onreadystatechange = this.onStateChange.bind(this);
View
@@ -135,5 +135,41 @@ describe('Request', function(){
});
it('should not set xhr.withCredentials flag by default', function(){
var request = new Request({
url: '/something/or/other'
}).send();
expect(request.xhr.withCredentials).toBe(false);

This comment has been minimized.

Show comment
Hide comment
@ibolmo

ibolmo Jun 30, 2014

Member

should be .toBeFalsy()

Fixing... soon.

@ibolmo

ibolmo Jun 30, 2014

Member

should be .toBeFalsy()

Fixing... soon.

This comment has been minimized.

Show comment
Hide comment
@SergioCrisostomo

SergioCrisostomo Jun 30, 2014

Member

yeah, that makes most sense. Nice!

@SergioCrisostomo

SergioCrisostomo Jun 30, 2014

Member

yeah, that makes most sense. Nice!

});
/*<1.4compat>*/
it('should set xhr.withCredentials flag in 1.4 for this.options.user', function(){
var request = new Request({
url: '/something/or/other',
user: 'someone'
}).send();
expect(request.xhr.withCredentials).toBe(true);
});
/*</1.4compat>*/
var dit = /*<1.4compat>*/xit || /*</1.4compat>*/it; // don't run unless no compat
dit('should not set xhr.withCredentials flag in 1.5 for this.options.user', function(){
var request = new Request({
url: '/something/or/other',
user: 'someone'
}).send();
expect(request.xhr.withCredentials).toBe(false);
});
dit('should set xhr.withCredentials flag if options.withCredentials is set', function(){
var request = new Request({
url: '/something/or/other',
withCredentials: true
}).send();
expect(request.xhr.withCredentials).toBe(true);
});
});

0 comments on commit ccc36c2

Please sign in to comment.