mirror/openseadragon
1
0
Fork 0
mirror of https://github.com/openseadragon/openseadragon.git synced 2025-01-19 17:21:50 +03:00
Code Issues Projects Releases Wiki Activity

Graceful handling of IE cross-domain AJAX failures

Browse Source 
Prior to IE 10, XmlHttpRequest cannot be used for requests to a
different origin even when the target URL's CORS headers would allow
access (see http://caniuse.com/#feat=cors).

This is easy to miss in testing if you use a single origin during
testing but have a CDN or domain-sharding for production and will break
the error handler function passed to makeAjaxRequest() if that code
assumes it can access properties on the request object.

This adds a more informative pointer to Microsoft's documentation when a
security exception is raised.
This commit is contained in:
Chris Adams 2013-08-29 16:13:13 -04:00
parent 4d006d628c
commit 1b6cf93474
1 changed files with 19 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
src/openseadragon.js
View File

@ -1345,7 +1345,25 @@ window.OpenSeadragon = window.OpenSeadragon || function( options ){
request.open( "GET", url, true );
request.send( null );
} catch (e) {
$.console.log( "%s while making AJAX request: %s", e.name, e.message );
var msg = e.message;
/*
IE < 10 does not support CORS and an XHR request to a different origin will fail as soon
as send() is called. This is particularly easy to miss during development and appear in
production if you use a CDN or domain sharding and the security policy is likely to break
exception handlers since any attempt to access a property of the request object will
raise an access denied TypeError inside the catch block.
To be friendlier, we'll check for this specific error and add a documentation pointer
to point developers in the right direction. We test the exception number because IE's
error messages are localized.
*/
var oldIE = $.Browser.vendor == $.BROWSERS.IE && $.Browser.version < 10;
if ( oldIE && typeof( e.number ) != "undefined" && e.number == -2147024891 ) {
msg += "\nSee http://msdn.microsoft.com/en-us/library/ms537505(v=vs.85).aspx#xdomain";
}
$.console.log( "%s while making AJAX request: %s", e.name, msg );
request.onreadystatechange = function(){};