From cdc8b23fd408a904c46ed6db62abfa572b807924 Mon Sep 17 00:00:00 2001 From: Luke Towers Date: Wed, 15 Feb 2017 09:56:43 -0600 Subject: [PATCH] Fixing same-origin AJAX requests jQuery sends multiple values for the `X-REQUESTED-WITH` header if it has already been set, even when the value is the same. This means that same-origin requests would send `X-REQUESTED-WITH: XMLHttpRequest, XMLHttpRequest` which isn't detected as AJAX by Laravel/Symphony. To fix this issue while retaining the crossDomain usage of framework.js, I've used `crossDomain: false` to trick jQuery into sending the header anyways on cross-origin requests. This is still changeable by the user in the `ajaxSetup` event. --- modules/system/assets/js/framework.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/system/assets/js/framework.js b/modules/system/assets/js/framework.js index 6ce6e22d9..57c348bc9 100644 --- a/modules/system/assets/js/framework.js +++ b/modules/system/assets/js/framework.js @@ -65,7 +65,6 @@ if (window.jQuery.request !== undefined) { } var requestHeaders = { - 'X-REQUESTED-WITH': 'XMLHttpRequest', 'X-OCTOBER-REQUEST-HANDLER': handler, 'X-OCTOBER-REQUEST-PARTIALS': this.extractPartials(options.update) } @@ -76,6 +75,7 @@ if (window.jQuery.request !== undefined) { var requestOptions = { url: window.location.href, + crossDomain: false, context: context, headers: requestHeaders, success: function(data, textStatus, jqXHR) {