Opened 9 years ago

Closed 9 years ago

#11862 closed defect (wontfix)

[patch] Firefox 4.0b7 fails doing cross-domain (CORS) XHR calls with dojo.xhr()

Reported by: Thomas Bachem Owned by: anonymous
Priority: high Milestone: tbd
Component: Core Version: 1.5
Keywords: Cc:
Blocked By: Blocking:

Description

See my related Mozilla ticket: https://bugzilla.mozilla.org/show_bug.cgi?id=605296.

Firefox 4.0b7 doesn't behave as expected if "undefined" is provided as username/passwort argument to the XMLHttpRequest.open() method. This doesn't seem to happen if "null" is supplied instead.

The problem is caused by dojo/_base/xhr.js line 861:

xhr.open(method, ioArgs.url, args.sync !== true, args.user || undefined, args.password || undefined);

Which should be changed to

xhr.open(method, ioArgs.url, args.sync !== true, args.user || null, args.password || null);

as a workaround. Tested in FF 4.0b7, FF 3.6, Safari 5, Chrome 6, IE8, IE7, IE6.

Change History (4)

comment:1 Changed 9 years ago by craign

This is definitely a pain when using a dojo app with Firefox 4.0 betas, each xhr request requires the user to submit the basic auth dialog. And this simple patch resolves it.

From my reading of the specification I'm not sure why you would send 'undefined': http://www.w3.org/TR/XMLHttpRequest/#the-open-method

Craig

comment:2 Changed 9 years ago by James Burke

It looks like there is a patch in the works for Firefox that may address this issue, based on the original reporter's Bugzilla bug. I would like to see how that bug is resolved before doing a code change -- while the dojo code change might help future dojo versions, it would leave older ones broken.

comment:3 Changed 9 years ago by bill

@thomasbachem - https://bugzilla.mozilla.org/show_bug.cgi?id=605296 was fixed back in December, is this issue resolved?

comment:4 Changed 9 years ago by bill

Resolution: wontfix
Status: newclosed

Presumably fixed upstream.

Note: See TracTickets for help on using tickets.