From 62ccd9521ad72e56012c3294a94ca7b34b23be87 Mon Sep 17 00:00:00 2001 From: Gabriel Farrell Date: Mon, 30 Jun 2014 19:59:29 -0400 Subject: [PATCH 1/2] Add withCredentials option. Fix #29 --- README.md | 10 +++++++++- index.js | 6 ++++-- test/index.js | 15 +++++++++++++++ 3 files changed, 28 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 48b7ff3..4effb4d 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,8 @@ type XhrOptions = String | { timeout: Number?, headers: Object?, body: String?, - json: Object? + json: Object?, + withCredentials: Boolean? } xhr := (XhrOptions, Callback) => Request ``` @@ -100,6 +101,12 @@ A valid JSON serializable value to be send to the server. If this Additionally the response body is parsed as JSON +### `options.withCredentials` + +Specify whether user credentials are to be included in a cross-origin + request. Sets [`xhr.withCredentials`][10]. + + ## MIT Licenced [1]: http://xhr.spec.whatwg.org/#the-send()-method @@ -111,3 +118,4 @@ Additionally the response body is parsed as JSON [7]: http://xhr.spec.whatwg.org/#the-responsetext-attribute [8]: http://xhr.spec.whatwg.org/#the-responsexml-attribute [9]: http://xhr.spec.whatwg.org/#the-setrequestheader()-method + [10]: http://xhr.spec.whatwg.org/#the-withcredentials-attribute diff --git a/index.js b/index.js index 2cb5b79..db9727b 100644 --- a/index.js +++ b/index.js @@ -56,9 +56,11 @@ function createXHR(options, callback) { // hate IE xhr.ontimeout = noop xhr.open(method, uri, !sync) - if (options.cors) { - xhr.withCredentials = true + + if ("withCredentials" in options) { + xhr.withCredentials = options.withCredentials } + // Cannot set timeout with sync request if (!sync) { xhr.timeout = "timeout" in options ? options.timeout : 5000 diff --git a/test/index.js b/test/index.js index 062fc8d..7a9f92a 100644 --- a/test/index.js +++ b/test/index.js @@ -20,3 +20,18 @@ test("can GET current page", function(assert) { }) }) +test("withCredentials option", function(assert) { + var req = xhr({}, function () {}) + assert.ok( + !req.withCredentials, + "withCredentials not set when not set in options" + ) + req = xhr({ + withCredentials: true + }, function () {}) + assert.ok( + req.withCredentials, + "withCredentials set to true when true in options" + ) + assert.end() +}) From b2a49cee054f51c3d673279a67ff9f58b00ae2bb Mon Sep 17 00:00:00 2001 From: Gabriel Farrell Date: Tue, 1 Jul 2014 15:56:53 -0400 Subject: [PATCH 2/2] True by default when cors is true. #29 --- README.md | 3 ++- index.js | 4 ++-- test/index.js | 14 +++++++++++--- 3 files changed, 15 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 4effb4d..94b3b38 100644 --- a/README.md +++ b/README.md @@ -104,7 +104,8 @@ Additionally the response body is parsed as JSON ### `options.withCredentials` Specify whether user credentials are to be included in a cross-origin - request. Sets [`xhr.withCredentials`][10]. + request. Sets [`xhr.withCredentials`][10]. Defaults to true + when `options.cors` is true. ## MIT Licenced diff --git a/index.js b/index.js index db9727b..b188625 100644 --- a/index.js +++ b/index.js @@ -57,8 +57,8 @@ function createXHR(options, callback) { xhr.ontimeout = noop xhr.open(method, uri, !sync) - if ("withCredentials" in options) { - xhr.withCredentials = options.withCredentials + if (options.cors && options.withCredentials !== false) { + xhr.withCredentials = true } // Cannot set timeout with sync request diff --git a/test/index.js b/test/index.js index 7a9f92a..d975c6c 100644 --- a/test/index.js +++ b/test/index.js @@ -24,14 +24,22 @@ test("withCredentials option", function(assert) { var req = xhr({}, function () {}) assert.ok( !req.withCredentials, - "withCredentials not set when not set in options" + "withCredentials not true when nothing set in options" ) req = xhr({ - withCredentials: true + cors: true }, function () {}) assert.ok( req.withCredentials, - "withCredentials set to true when true in options" + "withCredentials set to true when cors is true in options" + ) + req = xhr({ + cors: true, + withCredentials: false + }, function () {}) + assert.ok( + !req.withCredentials, + "withCredentials set to false when set to false in options" ) assert.end() })