-
Notifications
You must be signed in to change notification settings - Fork 131
/
xhr.bs
2236 lines (1744 loc) · 70.9 KB
/
xhr.bs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
<pre class=metadata>
Title: XMLHttpRequest Standard
Group: WHATWG
H1: XMLHttpRequest
Shortname: xhr
Status: LS
No Editor: true
Abstract: The XMLHttpRequest Standard defines an API that provides scripted client functionality for transferring data between a client and a server.
Logo: https://resources.whatwg.org/logo-xhr.svg
Boilerplate: omit feedback-header, omit conformance
!Participate: <a href=https://github.com/whatwg/xhr>GitHub whatwg/xhr</a> (<a href=https://github.com/whatwg/xhr/issues/new>file an issue</a>, <a href=https://github.com/whatwg/xhr/issues>open issues</a>)
!Participate: <a href=https://wiki.whatwg.org/wiki/IRC>IRC: #whatwg on Freenode</a>
!Commits: <a href=https://github.com/whatwg/xhr/commits>GitHub whatwg/xhr/commits</a>
!Commits: [SNAPSHOT-LINK]
!Commits: <a href=https://twitter.com/xhrstandard>@xhrstandard</a>
!Tests: <a href=https://github.com/w3c/web-platform-tests/tree/master/XMLHttpRequest>web-platform-tests XMLHttpRequest/</a> (<a href=https://github.com/w3c/web-platform-tests/labels/xhr>ongoing work</a>)
!Translation (non-normative): <span title=Japanese><a href=https://triple-underscore.github.io/XHR-ja.html lang=ja hreflang=ja rel=alternate>日本語</a></span>
Translate IDs: enumdef-xmlhttprequestresponsetype xmlhttprequestresponsetype,dictdef-progresseventinit progresseventinit,typedefdef-formdataentryvalue formdataentryvalue
</pre>
<script src=https://resources.whatwg.org/file-issue.js async></script>
<script src=https://resources.whatwg.org/commit-snapshot-shortcut-key.js async></script>
<script src=https://resources.whatwg.org/dfn.js defer></script>
<pre class=link-defaults>
spec:dom; type:interface; text:Document
</pre>
<pre class=anchors>
urlPrefix: https://w3c.github.io/DOM-Parsing/; spec: dom-parsing
type: dfn; text: fragment serializing algorithm; url: dfn-fragment-serializing-algorithm
</pre>
<pre class=biblio>
{
"DOMPS": {
"aliasOf": "DOM-PARSING"
},
"HTTP": {
"aliasOf": "HTTP11"
},
"XMLNS": {
"aliasOf": "XML-NAMES"
}
}</pre>
<h2 id=introduction>Introduction</h2>
<p><em>This section is non-normative.</em>
<p>The {{XMLHttpRequest}} object is an API for <a for=/>fetching</a> resources.
<p>The name {{XMLHttpRequest}} is historical and has no bearing on its functionality.
<div id=example-xhr class=example>
<p>Some simple code to do something with data from an XML document
fetched over the network:
<pre><code class=lang-javascript>
function processData(data) {
// taking care of data
}
function handler() {
if(this.status == 200 &&
this.responseXML != null &&
this.responseXML.getElementById('test').textContent) {
// success!
processData(this.responseXML.getElementById('test').textContent);
} else {
// something went wrong
…
}
}
var client = new XMLHttpRequest();
client.onload = handler;
client.open("GET", "unicorn.xml");
client.send();</code></pre>
<p>If you just want to log a message to the server:
<pre><code class=lang-javascript>
function log(message) {
var client = new XMLHttpRequest();
client.open("POST", "/log");
client.setRequestHeader("Content-Type", "text/plain;charset=UTF-8");
client.send(message);
}</code></pre>
<p>Or if you want to check the status of a document on the server:
<pre><code class=lang-javascript>
function fetchStatus(address) {
var client = new XMLHttpRequest();
client.onload = function() {
// in case of network errors this might not give reliable results
returnStatus(this.status);
}
client.open("HEAD", address);
client.send();
}</code></pre>
</div>
<h3 id=specification-history>Specification history</h3>
<p>The {{XMLHttpRequest}} object was initially defined as part of
the WHATWG's HTML effort. (Based on Microsoft's implementation many years prior.)
It moved to the W3C in 2006. Extensions (e.g. progress events and
cross-origin requests) to {{XMLHttpRequest}} were developed in a
separate draft (XMLHttpRequest Level 2) until end of 2011, at which point
the two drafts were merged and {{XMLHttpRequest}} became a single
entity again from a standards perspective. End of 2012 it moved back to the
WHATWG.
<p>Discussion that led to the current draft can be found in the following mailing list
archives:
<ul class=brief>
<li><a href=https://lists.w3.org/Archives/Public/public-whatwg-archive/>whatwg@whatwg.org</a>
<li><a href=https://lists.w3.org/Archives/Public/public-webapps/>public-webapps@w3.org</a>
<li><a href=https://lists.w3.org/Archives/Public/public-webapi/>public-webapi@w3.org</a>
<li><a href=https://lists.w3.org/Archives/Public/public-appformats/>public-appformats@w3.org</a>
</ul>
<h2 id=conformance>Conformance</h2>
<p>All diagrams, examples, and notes in this specification are
non-normative, as are all sections explicitly marked non-normative.
Everything else in this specification is normative.
<p>The key words "MUST", "MUST NOT", "REQUIRED", <!--"SHALL", "SHALL
NOT",--> "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and
"OPTIONAL" in the normative parts of this specification are to be
interpreted as described in RFC2119. For readability, these words do
not appear in all uppercase letters in this specification.
[[!RFC2119]]
<h3 id=extensibility>Extensibility</h3>
<p>User agents, Working Groups, and other interested parties are
<em>strongly encouraged</em> to discuss new features with the WHATWG
community.
<h2 id=terminology>Terminology</h2>
<p>This specification uses terminology, cross-linked throughout, from DOM,
DOM Parsing and Serialization, Encoding, Fetch, File API, HTML, HTTP, URL, Web IDL, and
XML.
[[!DOM]]
[[!DOMPS]]
[[!ENCODING]]
[[!FETCH]]
[[!FILEAPI]]
[[!HTML]]
[[!HTTP]]
[[!URL]]
[[!WEBIDL]]
[[!XML]] [[!XMLNS]]
<p>It uses the typographic conventions from HTML. [[!HTML]]
<p>The term <dfn>user credentials</dfn> for the purposes of this
specification means cookies, HTTP authentication, and TLS client certificates.
Specifically it does not refer to proxy authentication or the
<a http-header><code>Origin</code></a> header.
[[!COOKIES]] <!-- XXX ref? -->
<h2 id=interface-xmlhttprequest>Interface {{XMLHttpRequest}}</h2>
<pre class=idl>
[Exposed=(Window,DedicatedWorker,SharedWorker)]
interface XMLHttpRequestEventTarget : EventTarget {
// event handlers
attribute EventHandler onloadstart;
attribute EventHandler onprogress;
attribute EventHandler onabort;
attribute EventHandler onerror;
attribute EventHandler onload;
attribute EventHandler ontimeout;
attribute EventHandler onloadend;
};
[Exposed=(Window,DedicatedWorker,SharedWorker)]
interface XMLHttpRequestUpload : XMLHttpRequestEventTarget {
};
enum XMLHttpRequestResponseType {
"",
"arraybuffer",
"blob",
"document",
"json",
"text"
};
[Constructor,
Exposed=(Window,DedicatedWorker,SharedWorker)]
interface XMLHttpRequest : XMLHttpRequestEventTarget {
// event handler
attribute EventHandler onreadystatechange;
// states
const unsigned short UNSENT = 0;
const unsigned short OPENED = 1;
const unsigned short HEADERS_RECEIVED = 2;
const unsigned short LOADING = 3;
const unsigned short DONE = 4;
readonly attribute unsigned short readyState;
// request
void open(ByteString method, USVString url);
void open(ByteString method, USVString url, boolean async, optional USVString? username = null, optional USVString? password = null);
void setRequestHeader(ByteString name, ByteString value);
attribute unsigned long timeout;
attribute boolean withCredentials;
[SameObject] readonly attribute XMLHttpRequestUpload upload;
void send(optional (Document or BodyInit)? body = null);
void abort();
// response
readonly attribute USVString responseURL;
readonly attribute unsigned short status;
readonly attribute ByteString statusText;
ByteString? getResponseHeader(ByteString name);
ByteString getAllResponseHeaders();
void overrideMimeType(DOMString mime);
attribute XMLHttpRequestResponseType responseType;
readonly attribute any response;
readonly attribute USVString responseText;
[Exposed=Window] readonly attribute Document? responseXML;
};</pre>
<p>An {{XMLHttpRequest}} object has an associated
{{XMLHttpRequestUpload}} object.
<p>An {{XMLHttpRequest}} object has an associated
<dfn id=concept-xmlhttprequest-state>state</dfn>, which is one of
<i>unsent</i>,
<i>opened</i>,
<i>headers received</i>,
<i>loading</i>, and
<i>done</i>. Unless stated otherwise it is <i>unsent</i>.
<p>An {{XMLHttpRequest}} object has an associated
<dfn id=send-flag><code>send()</code> flag</dfn>. Unless stated otherwise it is unset.
<p>An {{XMLHttpRequest}} object has an associated <dfn>stop timeout flag</dfn>.
Unless stated otherwise it is unset.
<h3 id=constructors>Constructors</h3>
<dl class=domintro>
<dt><code><var>client</var> = new <a constructor for=XMLHttpRequest>XMLHttpRequest()</a></code>
<dd>Returns a new {{XMLHttpRequest}} object.
</dl>
<p>The <dfn id=dom-xmlhttprequest constructor for=XMLHttpRequest><code>XMLHttpRequest()</code></dfn>
constructor, when invoked, must return a new {{XMLHttpRequest}} object.
<h3 id=garbage-collection>Garbage collection</h3>
<!-- Based on EventSource and WebSocket. Not sure what I am doing. -->
<p>An {{XMLHttpRequest}} object must not be garbage collected if its
<a>state</a> is either
<i>opened</i> with the <a><code>send()</code> flag</a> set,
<i>headers received</i>, or <i>loading</i>, and it has one or more
<a>event listeners</a>
registered whose <b>type</b> is one of
<a event><code>readystatechange</code></a>,
<a event><code>progress</code></a>,
<a event><code>abort</code></a>,
<a event><code>error</code></a>,
<a event><code>load</code></a>,
<a event><code>timeout</code></a>, and
<a event><code>loadend</code></a>.
<!-- No need to mention upload event listeners as they happen during /opened/. -->
<p>If an {{XMLHttpRequest}} object is garbage collected while its
connection is still open, the user agent must <a>terminate the request</a>.
<h3 id=event-handlers>Event handlers</h3>
<p>The following are the
<a>event handlers</a> (and their corresponding
<a>event handler event types</a>)
that must be supported on objects implementing an interface that inherits
from {{XMLHttpRequestEventTarget}} as attributes:
<table>
<thead>
<tr>
<th><a lt="event handlers">event handler</a>
<th><a>event handler event type</a>
<tbody>
<tr>
<td><dfn id=handler-xhr-onloadstart attribute for=XMLHttpRequestEventTarget><code>onloadstart</code></dfn>
<td><a event><code>loadstart</code></a>
<tr>
<td><dfn id=handler-xhr-onprogress attribute for=XMLHttpRequestEventTarget><code>onprogress</code></dfn>
<td><a event><code>progress</code></a>
<tr>
<td><dfn id=handler-xhr-onabort attribute for=XMLHttpRequestEventTarget><code>onabort</code></dfn>
<td><a event><code>abort</code></a>
<tr>
<td><dfn id=handler-xhr-onerror attribute for=XMLHttpRequestEventTarget><code>onerror</code></dfn>
<td><a event><code>error</code></a>
<tr>
<td><dfn id=handler-xhr-onload attribute for=XMLHttpRequestEventTarget><code>onload</code></dfn>
<td><a event><code>load</code></a>
<tr>
<td><dfn id=handler-xhr-ontimeout attribute for=XMLHttpRequestEventTarget><code>ontimeout</code></dfn>
<td><a event><code>timeout</code></a>
<tr>
<td><dfn id=handler-xhr-onloadend attribute for=XMLHttpRequestEventTarget><code>onloadend</code></dfn>
<td><a event><code>loadend</code></a>
</table>
<p>The following is the
<a lt="event handlers">event handler</a>
(and its corresponding
<a>event handler event type</a>) that must be
supported as attribute solely by the
{{XMLHttpRequest}} object:
<table>
<thead>
<tr>
<th><a lt="event handlers">event handler</a>
<th><a>event handler event type</a>
<tbody>
<tr>
<td><dfn id=handler-xhr-onreadystatechange attribute for=XMLHttpRequest><code>onreadystatechange</code></dfn>
<td><a event><code>readystatechange</code></a>
</table>
<h3 id=states>States</h3>
<dl class=domintro>
<dt><code><var>client</var> . <a attribute for=XMLHttpRequest>readyState</a></code>
<dd><p>Returns <var>client</var>'s
<a>state</a>.
</dl>
<p>The
<dfn attribute for=XMLHttpRequest><code>readyState</code></dfn>
attribute's getter must return the value from the table below in the cell of the second column, from
the row where the value in the cell in the first column is <a>context object</a>'s <a>state</a>:
<table>
<tbody><tr>
<td><i>unsent</i>
<td><dfn const for=XMLHttpRequest><code>UNSENT</code></dfn> (numeric value 0)
<td>The object has been constructed.
<tr>
<td><i>opened</i>
<td><dfn const for=XMLHttpRequest><code>OPENED</code></dfn> (numeric value 1)
<td>The <a method for=XMLHttpRequest lt="open(method, url)"><code>open()</code></a> method has
been successfully invoked. During this state request headers can be set using
<a><code>setRequestHeader()</code></a> and the fetch can be initiated using the
<a><code>send()</code></a> method.
<tr>
<td><i>headers received</i>
<td><dfn const for=XMLHttpRequest><code>HEADERS_RECEIVED</code></dfn>
(numeric value 2)
<td>All redirects (if any) have been followed and all HTTP headers of the
<a>response</a> have been received.
<tr>
<td><i>loading</i>
<td><dfn const for=XMLHttpRequest><code>LOADING</code></dfn> (numeric value 3)
<td>The <a>response</a>'s
<a for=response>body</a> is being received.
<tr>
<td><i>done</i>
<td><dfn const for=XMLHttpRequest><code>DONE</code></dfn> (numeric value 4)
<td>The data transfer has been completed or something went wrong during the transfer
(e.g. infinite redirects).
</table>
<h3 id=request>Request</h3>
<p>Each {{XMLHttpRequest}} object has the following request-associated concepts:
<dfn>request method</dfn>,
<dfn>request URL</dfn>,
<dfn id=author-request-headers>author request headers</dfn>,
<dfn>request body</dfn>,
<dfn>synchronous flag</dfn>,
<dfn id=upload-complete-flag>upload complete flag</dfn>, and
<dfn>upload listener flag</dfn>.
<p>The <a>author request headers</a> is an initially empty
<a for=/>header list</a>.
<p>The <a>request body</a> is initially null.
<p>The <a>synchronous flag</a>, <a>upload complete flag</a>, and
<a>upload listener flag</a> are initially unset.
<hr>
<p>To <dfn>terminate the request</dfn>,
<a for=fetch>terminate</a> the
<a for=/>fetch</a> algorithm operated by the
{{XMLHttpRequest}} object with reason <i>fatal</i>.
<h4 id=the-open()-method>The <code>open()</code> method</h4>
<dl class=domintro>
<dt><code><var>client</var> . <a method for=XMLHttpRequest lt="open(method, url)">open(<var>method</var>, <var>url</var> [, <var>async</var> = true [, <var>username</var> = null [, <var>password</var> = null]]])</a></code>
<dd>
<p>Sets the <a>request method</a>, <a>request URL</a>, and
<a>synchronous flag</a>.
<p>Throws a <code>SyntaxError</code> exception if
either <var>method</var> is not a valid HTTP method or
<var>url</var> cannot be parsed.
<p>Throws a <code>SecurityError</code> exception
if <var>method</var> is a case-insensitive match for
`<code>CONNECT</code>`, `<code>TRACE</code>` or `<code>TRACK</code>`.
<p>Throws an <code>InvalidAccessError</code> exception if <var>async</var> is false,
<a>current global object</a> is a {{Window}}
object, and the {{XMLHttpRequest/timeout!!attribute}} attribute is not zero or the
{{XMLHttpRequest/responseType}} attribute is not the empty string.
</dl>
<p class="critical no-backref" id=sync-warning>Synchronous {{XMLHttpRequest}}
outside of workers is in the process of being removed from the web platform as it has
detrimental effects to the end user's experience. (This is a long process that takes many
years.) Developers must not pass false for the <var>async</var> argument when
<a>current global object</a> is a {{Window}}
object. User agents are strongly encouraged to warn about such usage in developer tools and may
experiment with <a lt=throw>throwing</a> an
<code>InvalidAccessError</code> exception when it occurs.
<p>The
<dfn id=dom-xmlhttprequest-open method for=XMLHttpRequest><code>open(<var>method</var>, <var>url</var>)</code></dfn>
and
<dfn method for=XMLHttpRequest><code>open(<var>method</var>, <var>url</var>, <var>async</var>, <var>username</var>, <var>password</var>)</code></dfn>
methods, when invoked, must run these steps:
<ol>
<li><p>If <a>context object</a>'s
<a>relevant settings object</a> has a
<a>responsible document</a> and it is <em>not</em>
<a>fully active</a>,
<a>throw</a> an <code>InvalidStateError</code> exception.
<li><p>If <var>method</var> is not a
<a for=/>method</a>,
<a>throw</a> a
<code>SyntaxError</code> exception.
<li><p>If <var>method</var> is a <a>forbidden method</a>,
<a>throw</a> a
<code>SecurityError</code> exception.
<li><p><a for=method>Normalize</a>
<var>method</var>.
<li><p>Let <var>parsedURL</var> be the result of
<a lt="URL parser">parsing</a> <var>url</var> with
<a>context object</a>'s
<a>relevant settings object</a>'s
<a>API base URL</a>.
<li><p>If <var>parsedURL</var> is failure,
<a>throw</a> a
<code>SyntaxError</code> exception.
<li>
<p>If the <var>async</var> argument is omitted, set <var>async</var> to true, and set
<var>username</var> and <var>password</var> to null.
<p class=note>Unfortunately legacy content prevents treating the <var>async</var>
argument being <code>undefined</code> identical from it being omitted.
<li>
<p>If <var>parsedURL</var>'s <a for=url>host</a>
is non-null, run these substeps:
<ol>
<li><p>If the <var>username</var> argument is not null,
<a>set the username</a> given <var>parsedURL</var> and
<var>username</var>.
<li><p>If the <var>password</var> argument is not null,
<a>set the password</a> given <var>parsedURL</var> and
<var>password</var>.
</ol>
<li><p>If <var>async</var> is false, <a>current global object</a> is a {{Window}}
object, and the {{XMLHttpRequest/timeout!!attribute}} attribute value is not zero
or the {{XMLHttpRequest/responseType}} attribute value is not the
empty string, then <a>throw</a> an
<code>InvalidAccessError</code> exception.
<li>
<p><a>Terminate the request</a>.
<p class=note>A <a for=/>fetch</a> can be
ongoing at this point.
<li>
<p>Set variables associated with the object as follows:
<ul>
<li><p>Unset the <a><code>send()</code> flag</a>, <a>stop timeout flag</a>, and
<a>upload listener flag</a>.
<li><p>Set <a>request method</a> to <var>method</var>.
<li><p>Set <a>request URL</a> to <var>parsedURL</var>.
<li><p>Set the <a>synchronous flag</a>, if <var>async</var> is false, and unset
the <a>synchronous flag</a> otherwise.
<li><p>Empty <a>author request headers</a>.
<li><p>Set <a>response</a> to a
<a>network error</a>.
<li><p>Set <a>received bytes</a> to the empty byte sequence.
<li><p>Set <a>response object</a> to null.
</ul>
<li>
<p>If the <a>state</a> is not
<i>opened</i>, run these substeps:
<ol>
<li><p>Set <a>state</a> to
<i>opened</i>.
<li><p><a>Fire an event</a> named <a event><code>readystatechange</code></a>.
</ol>
</ol>
<p class=note>The reason there are two <code>open()</code> methods defined is due to a limitation of
the editing software used to write the XMLHttpRequest Standard.
<h4 id=the-setrequestheader()-method>The <code>setRequestHeader()</code> method</h4>
<dl class=domintro>
<dt><code><var>client</var> . <a method for=XMLHttpRequest>setRequestHeader(<var>name</var>, <var>value</var>)</a></code>
<dd>
<p>Combines a <a>header</a> in
<a>author request headers</a>.
<p>Throws an <code>InvalidStateError</code>
exception if either <a>state</a> is not
<i>opened</i> or the <a><code>send()</code> flag</a> is set.
<p>Throws a <code>SyntaxError</code> exception if
<var>name</var> is not a header name or if <var>value</var> is not a header value.
</dl>
<p class=note>As indicated in the algorithm below certain headers cannot
be set and are left up to the user agent. In addition there are certain
other headers the user agent will take control of if they are not set by
the author as indicated at the end of the
<a><code>send()</code></a> method section.
<p>The
<dfn id=dom-xmlhttprequest-setrequestheader method for=XMLHttpRequest><code>setRequestHeader(<var>name</var>, <var>value</var>)</code></dfn>
method must run these steps:
<ol>
<li><p>If <a>state</a> is not
<i>opened</i>, <a>throw</a> an
<code>InvalidStateError</code> exception.
<li><p>If the <a><code>send()</code> flag</a> is set,
<a>throw</a> an
<code>InvalidStateError</code> exception.
<li><p><a for=header/value>Normalize</a> <var>value</var>.
<li>
<p>If <var>name</var> is not a
<a for=header>name</a> or <var>value</var>
is not a <a for=header>value</a>,
<a>throw</a> a
<code>SyntaxError</code> exception.
<p class="note no-backref">An empty byte sequence represents an empty
<a>header</a>
<a for=header>value</a>.
<li><p>Terminate these steps if <var>name</var> is a
<a>forbidden header name</a>.
<li><p><a for="header list">Combine</a> <var>name</var>/<var>value</var> in
<a>author request headers</a>.
</ol>
<div id=example-setting-header-twice class=example>
<p>Some simple code demonstrating what happens when setting the same
header twice:
<pre><code class=lang-javascript>
// The following script:
var client = new XMLHttpRequest();
client.open('GET', 'demo.cgi');
client.setRequestHeader('X-Test', 'one');
client.setRequestHeader('X-Test', 'two');
client.send();
// …results in the following header being sent:
// X-Test: one, two</code></pre>
</div>
<h4 id=the-timeout-attribute>The <code>timeout</code> attribute</h4>
<dl class=domintro>
<dt><code><var>client</var> . <a attribute for=XMLHttpRequest>timeout</a></code>
<dd>
<p>Can be set to a time in milliseconds. When set to a non-zero value
will cause <a for=/>fetching</a> to
terminate after the given time has passed. When the time has passed, the request has
not yet completed, and the <a>synchronous flag</a> is unset, a
<a event><code>timeout</code></a> event will then be
<a>dispatched</a>,
or a <code>TimeoutError</code> exception will be
<a lt=throw>thrown</a> otherwise
(for the <a><code>send()</code></a> method).
<p>When set: throws an
<code>InvalidAccessError</code> exception if
the <a>synchronous flag</a> is set and
<a>current global object</a> is a {{Window}}
object.
</dl>
<p>The <dfn attribute for=XMLHttpRequest><code>timeout</code></dfn>
attribute must return its value. Initially its value must be zero.
<p>Setting the {{XMLHttpRequest/timeout!!attribute}}
attribute must run these steps:
<ol>
<li><p>If <a>current global object</a> is a {{Window}}
object and the <a>synchronous flag</a> is set,
<a>throw</a> an
<code>InvalidAccessError</code> exception.
<li><p>Set its value to the new value.
</ol>
<p class=note>This implies that the
{{XMLHttpRequest/timeout!!attribute}} attribute can be
set while <a for=/>fetching</a> is in
progress. If that occurs it will still be measured relative to the start
of <a for=/>fetching</a>.
<h4 id=the-withcredentials-attribute>The <code>withCredentials</code> attribute</h4>
<dl class=domintro>
<dt><code><var>client</var> . <a attribute for=XMLHttpRequest>withCredentials</a></code>
<dd>
<p>True when <a>user credentials</a> are to be included in a
cross-origin request. False when they are to be excluded in a
cross-origin request and when cookies are to be ignored in its response.
Initially false.
<p>When set: throws an
<code>InvalidStateError</code> exception if
<a>state</a> is not <i>unsent</i> or
<i>opened</i>, or if the <a><code>send()</code> flag</a> is set.
</dl>
<p>The
<dfn attribute for=XMLHttpRequest><code>withCredentials</code></dfn>
attribute must return its value. Initially its value must be false.
<p>Setting the
{{XMLHttpRequest/withCredentials}}
attribute must run these steps:
<ol>
<li><p>If <a>state</a> is not
<i>unsent</i> or <i>opened</i>,
<a>throw</a> an
<code>InvalidStateError</code> exception.
<li><p>If the <a><code>send()</code> flag</a> is set,
<a>throw</a> an
<code>InvalidStateError</code> exception.
<li><p>Set the {{XMLHttpRequest/withCredentials}}
attribute's value to the given value.
</ol>
<p class=note>The {{XMLHttpRequest/withCredentials}}
attribute has no effect when
<a for=/>fetching</a>
<a lt="same origin">same-origin</a> resources.
<h4 id=the-upload-attribute>The <code>upload</code> attribute</h4>
<dl class=domintro>
<dt><code><var>client</var> . <a attribute for=XMLHttpRequest>upload</a></code>
<dd><p>Returns the associated {{XMLHttpRequestUpload}}
object. It can be used to gather transmission information when data is
transferred to a server.
</dl>
<p>The
<dfn attribute for=XMLHttpRequest><code>upload</code></dfn>
attribute must return the associated
{{XMLHttpRequestUpload}} object.
<p class=note>As indicated earlier, each {{XMLHttpRequest}}
object has an associated {{XMLHttpRequestUpload}} object.
<h4 id=the-send()-method>The <code>send()</code> method</h4>
<dl class=domintro>
<dt><code><var>client</var> . <a method for=XMLHttpRequest>send([<var>body</var> = null])</a></code>
<dd>
<p>Initiates the request. The optional argument provides the
<a>request body</a>. The argument is ignored if
<a>request method</a> is <code>GET</code> or
<code>HEAD</code>.
<p>Throws an <code>InvalidStateError</code> exception if either
<a>state</a> is not <i>opened</i> or the
<a><code>send()</code> flag</a> is set.
</dl>
<p>The <dfn method for=XMLHttpRequest><code>send(<var>body</var>)</code></dfn>
method must run these steps:
<ol>
<li><p>If <a>state</a> is not
<i>opened</i>, <a>throw</a> an
<code>InvalidStateError</code> exception.
<li><p>If the <a><code>send()</code> flag</a> is set,
<a>throw</a> an
<code>InvalidStateError</code> exception.
<li><p>If the <a>request method</a> is <code>GET</code> or
<code>HEAD</code>, set <var>body</var> to null.
<li>
<p>If <var>body</var> is null, go to the next step.
<p>Otherwise, let <var>encoding</var> and <var>mimeType</var> be null, and then follow these
rules, switching on <var>body</var>:
<dl class=switch>
<dt id=dom-xmlhttprequest-send-document>{{Document}}
<dd>
<p>Set <var>encoding</var> to `<code>UTF-8</code>`.
<p>Set <var>mimeType</var> to `<code>text/html</code>` if <var>body</var> is an
<a>HTML document</a>, and to `<code>application/xml</code>` otherwise. Then append
`<code>;charset=UTF-8</code>` to <var>mimeType</var>.
<p>Set <a>request body</a> to <var>body</var>,
<a lt="fragment serializing algorithm">serialized</a>,
<a lt="obtain Unicode">converted to Unicode</a>, and <a lt="UTF-8 encode">utf-8 encoded</a>.
<dt id=dom-xmlhttprequest-send-bodyinit>{{BodyInit}}
<dd>
<p>If <var>body</var> is a string, set <var>encoding</var> to
`<code>UTF-8</code>`.
<p>Set <a>request body</a> and <var>mimeType</var> to the result of
<a for=BodyInit>extracting</a> <var>body</var>.
</dl>
<p>If <var>mimeType</var> is non-null and <a>author request headers</a>
<a for="header list">does not contain</a> `<code>Content-Type</code>`, then
<a for="header list">append</a> `<code>Content-Type</code>`/<var>mimeType</var> to
<a>author request headers</a>.
<p>Otherwise, if the <a>header</a> whose <a for=header>name</a> is a <a>byte-case-insensitive</a>
match for `<code>Content-Type</code>` in <a>author request headers</a> has a
<a for=header>value</a> that is a <a>valid MIME type</a>, which has a `<code>charset</code>`
parameter whose value is not a <a>byte-case-insensitive</a> match for <var>encoding</var>, and
<var>encoding</var> is not null, then set all the `<code>charset</code>` parameters whose value is
not a <a>byte-case-insensitive</a> match for <var>encoding</var> of that <a>header</a>'s
<a for=header>value</a> to <var>encoding</var>.
<!-- XXX could still be better with parameter cross-ref -->
<!-- reminder: if we ever change this to always include charset it has
to be included as the first parameter for compatibility reasons -->
<li><p>If one or more event listeners are registered on the associated
{{XMLHttpRequestUpload}} object, then set <a>upload listener flag</a>.
<li>
<p>Let <var>req</var> be a new
<a for=/>request</a>, initialized as
follows:
<dl>
<dt><a for=request>method</a>
<dd><a>request method</a>
<dt><a for=request>url</a>
<dd><a>request URL</a>
<dt><a for=request>header list</a>
<dd><a>author request headers</a>
<dt><a for=request>unsafe-request flag</a>
<dd>Set.
<dt><a for=request>body</a>
<dd><a>request body</a>
<dt><a for=request>client</a>
<dd><a>context object</a>'s
<a>relevant settings object</a>
<dt><a for=request>synchronous flag</a>
<dd>Set if the <a>synchronous flag</a> is set.
<dt><a for=request>mode</a>
<dd>"<code>cors</code>"
<dt><a for=request>use-CORS-preflight flag</a>
<dd>Set if <a>upload listener flag</a> is set.
<dt><a for=request>credentials mode</a>
<dd>If the {{XMLHttpRequest/withCredentials}}
attribute value is true, "<code>include</code>", and "<code>same-origin</code>"
otherwise.
<dt><a for=request>use-URL-credentials flag</a>
<dd>Set if either <a>request URL</a>'s
<a for=url>username</a>
is not the empty string or <a>request URL</a>'s
<a for=url>password</a> is non-null.
</dl>
<li><p>Unset the <a>upload complete flag</a>.
<li><p>If <var>req</var>'s
<a for=request>body</a> is null,
set the <a>upload complete flag</a>.
<li><p>Set the <a><code>send()</code> flag</a>.
<li>
<p>If the <a>synchronous flag</a> is unset, run these substeps:
<ol>
<li><p><a>Fire a progress event</a> named <a event><code>loadstart</code></a> with 0 and 0.
<li><p>If the <a>upload complete flag</a> is unset and <a>upload listener flag</a> is
set, then <a>fire a progress event</a> named
<a event><code>loadstart</code></a> on the
{{XMLHttpRequestUpload}} object with 0 and <var>req</var>'s
<a for=request>body</a>'s
<a>total bytes</a>.
<li><p>If <a>state</a> is not <i>opened</i> or the <a><code>send()</code> flag</a> is unset, then
return.
<li>
<p><a for=/>Fetch</a> <var>req</var>.
Handle the <a>tasks</a>
<a lt="queue a task">queued</a> on the
<a>networking task source</a> per below.
<p>Run these subsubsteps <a>in parallel</a>:
<ol>
<li>
<p>Wait until either <var>req</var>'s <a for=request>done flag</a> is set or
<ol>
<li><p>the {{XMLHttpRequest/timeout!!attribute}} attribute value number of milliseconds has
passed since these subsubsteps started
<li><p>while {{XMLHttpRequest/timeout!!attribute}} attribute value is not zero.
</ol>
<li><p>If <var>req</var>'s <a for=request>done flag</a> is unset, then
<a for=fetch>terminate</a> <a for=/>fetching</a> with reason <i>timeout</i>.
</ol>
<p>To <a>process request body</a> for
<var>request</var>, run these subsubsteps:
<ol>
<li><p>If not roughly 50ms have passed since these subsubsteps were last invoked,
terminate these subsubsteps.
<li><p>If <a>upload listener flag</a> is set, then
<a>fire a progress event</a> named
<a event><code>progress</code></a> on the
{{XMLHttpRequestUpload}} object with <var>request</var>'s
<a for=request>body</a>'s
<a>transmitted bytes</a> and
<var>request</var>'s
<a for=request>body</a>'s
<a>total bytes</a>.
<!-- upload complete flag can never be set here I hope -->
</ol>
<p class=note>These subsubsteps are only invoked when new bytes are transmitted.
<p>To <a>process request end-of-body</a> for
<var>request</var>, run these subsubsteps:
<ol>
<li><p>Set the <a>upload complete flag</a>.
<li><p>If <a>upload listener flag</a> is unset, then terminate these subsubsteps.
<li><p>Let <var>transmitted</var> be <var>request</var>'s
<a for=request>body</a>'s
<a>transmitted bytes</a>.
<li><p>Let <var>length</var> be <var>request</var>'s
<a for=request>body</a>'s
<a>total bytes</a>.
<li><p><a>Fire a progress event</a> named
<a event><code>progress</code></a> on the
{{XMLHttpRequestUpload}} object with <var>transmitted</var> and
<var>length</var>.
<li><p><a>Fire a progress event</a> named
<a event><code>load</code></a> on the
{{XMLHttpRequestUpload}} object with <var>transmitted</var> and
<var>length</var>.
<li><p><a>Fire a progress event</a> named
<a event><code>loadend</code></a> on the
{{XMLHttpRequestUpload}} object with <var>transmitted</var> and
<var>length</var>.
</ol>
<!-- upload complete flag can never be set here I hope -->
<p>To <a>process response</a> for <var>response</var>,
run these subsubsteps:
<ol>
<li><p>If the <a>stop timeout flag</a> is unset, set the
<a>stop timeout flag</a>.
<li><p>Set <a>response</a> to <var>response</var>.
<li><p><a>Handle errors</a> for <var>response</var>.
<li><p>If <a>response</a> is a
<a>network error</a>,
return.
<li><p>Set <a>state</a> to
<i>headers received</i>.
<li><p><a>Fire an event</a> named
<a event><code>readystatechange</code></a>.
<li><p>If <a>state</a> is not
<i>headers received</i>, then return.
<li><p>If <var>response</var>'s
<a for=response>body</a> is null,
then run <a>handle response end-of-body</a> and return.
<li>
<p>Let <var>reader</var> be the result of
<a lt="get a reader" for=ReadableStream>getting a reader</a> from
<var>response</var>'s <a for=response>body</a>'s
<a for=body>stream</a>.
<p><span class="note no-backref">This operation will not throw an exception.</span>
<li>
<p>Let <var>read</var> be the result of
<a lt="read a chunk" for=ReadableStream>reading a chunk</a>
from <var>response</var>'s
<a for=response>body</a>'s
<a>stream</a> with <var>reader</var>.
<p>When <var>read</var> is fulfilled with an object whose <code>done</code> property is false
and whose <code>value</code> property is a <code>Uint8Array</code> object, run these
subsubsubsteps and then run the above subsubstep again:
<ol>
<li><p>Append the <code>value</code> property to <a>received bytes</a>.
<li><p>If not roughly 50ms have passed since these subsubsubsteps were last invoked,
then terminate these subsubsubsteps.