#11820 closed enhancement (fixed)
XMLHttpRequest.withCredentials
| Reported by: | igo | Owned by: | BryanForbes |
|---|---|---|---|
| Priority: | high | Milestone: | 1.8 |
| Component: | IO | Version: | 1.5 |
| Keywords: | xhr, withCredentials, CORS | Cc: | |
| Blocked by: | Blocking: |
Description
there is no way how to use Cross-Origin Resource Sharing and with credentials (https://developer.mozilla.org/En/HTTP_access_control#Requests_with_credentials) because withCredentials cannot be set. I suppose adding new param to dojo.xhr* that will enable withCredentials setting to true
Attachments (1)
Change History (14)
comment:1 Changed 7 years ago by peller
- Milestone changed from 1.5.1 to tbd
Changed 6 years ago by schkovich
comment:2 Changed 6 years ago by sbordet
Fixing this issue is important for CometD (http://cometd.org), which uses Dojo heavily.
The patch looks good to me, and it is in line with what suggested for jQuery (see http://api.jquery.com/jQuery.ajax, section "xhrFields").
comment:3 Changed 6 years ago by Prutkar
Cross-origin services are growing and this is still missing in dojo. It looks like the fix is very simple but it is out there for more then a year. It would be very nice if dojo would try to keep up with latest technologies or else web developers will be forced to switch and start using jquery it seems.
comment:4 Changed 6 years ago by bod
Any updates on this and future target version?
comment:5 Changed 6 years ago by dante
- Milestone changed from tbd to 1.7.1
- Owner changed from jburke to dante
- Status changed from new to assigned
comment:6 Changed 6 years ago by bill
- Milestone changed from 1.7.1 to 1.7.2
These didn't make it into the 1.7.1RC, so bumping them to 1.7.2 (as stated in the email I sent yesterday).
comment:7 Changed 5 years ago by csnover
- Milestone changed from 1.7.2 to 1.8
Enhancements should not go to point release.
comment:8 Changed 5 years ago by nickmaynard
My testing indicates:
Chromium: Works fine. Mobile Safari (iOS 5): No effect; probably browser's fault, though.
Other browsers: Untested.
Getting this support in ASAP would I think be helpful.
comment:9 Changed 5 years ago by bill
- Owner changed from dante to BryanForbes
Bulk change to reassign IO tickets to Bryan, since he is working on new dojo/request module. Some of these tickets should probably be closed as already fixed, invalid, or wontfix.
comment:10 Changed 5 years ago by kurtjlidl
For what it's worth, I tested this patch yesterday on a variety of browsers:
- Chrome (19.0.1084.46 m)
- Firefox (12.0)
- iPad iOS (5.1.1)
The patch works fine, and the browsers will all send cookies when the withCredentials property is set to 'true' to third-party servers.
comment:11 Changed 5 years ago by BryanForbes
In [28797]:
comment:12 Changed 5 years ago by BryanForbes
- Resolution set to fixed
- Status changed from assigned to closed
comment:13 Changed 4 years ago by owainb
Could this feature be documented please. This is the only place I could find it mentioned and it was exactly what I needed. Thanks.
Please note that patch is not throughly tested