2

I am trying to do "POST" with XMLHttpRequest in a firefox extension, and after that I try to get the "Location" header and open it in a new tab. For some reason, the XMLHttpRequest doesn't contain a location header.

My code

function web(url,request)
{
    var http = new XMLHttpRequest();
    http.open('POST',url,true);
    http.setRequestHeader('Content-Type','application/x-www-form-urlencoded');
    http.onreadystatechange=function() {
    if(http.readyState == 2) {
        alert(http.getResponseHeader("Location"));
        }
    }
    http.send(request);
}

Also, if I change the alert to getAllResponseHeaders() to see all headers, I just don't see the location header there. If I try to spy on the request of the original site with Firebug, it does show me the location header in the response. Please help me resolve my issues. Thanks :)

P.S. I'm also unable to open a link in new tab using window.open(url, this.window.title);, but as that's not directly related to the rest of this I'll post a separate question to ask about it.

Community
  • 1
  • 1
Michael S.
  • 305
  • 4
  • 17
  • 1
    In your firebug console, do you see a second request fly by that corresponds to the redirect? – greim Apr 08 '10 at 20:16
  • 1
    See http://stackoverflow.com/questions/228225/prevent-redirection-of-xmlhttprequest/343359#343359 – Crescent Fresh Apr 08 '10 at 20:54
  • @greim The request is to "http://www.virustotal.com/vt/en/consultamd5" and I see in the console "POST" with response status "303 See Other" that contains the location of the next "GET" that occurs (in this case http://www.virustotal.com/buscaHash.html?invalid because I sent invalid hash) – Michael S. Apr 08 '10 at 20:59
  • @Crescent Fresh so you are saying there is no way I can do what I want? – Michael S. Apr 08 '10 at 21:01
  • 1
    @mcco: Correct! (at least, not by using the standard `Location` header). See http://stackoverflow.com/questions/1462919/form-that-makes-browser-redirect-when-accessed-by-either-a-regular-form-submit-or/1463206#1463206 – Crescent Fresh Apr 08 '10 at 21:19
  • The problem is, that I can't access the server-side to create another header if XHR is detected.. I guess I need to use some other way to view the content I need. – Michael S. Apr 08 '10 at 22:08

1 Answers1

2

I think that current implementations of XHR are Location: agnostic. In other words, since XHR transparently follows HTTP redirects in a manner that is invisible to your code, I suspect that the whole XHR ball of wax has been made Location: agnostic and that the header is simply being stripped out.

[edit] Actually, now that I think of it, if XHR is following the redirect, then wouldn't it be the headers of the response to the redirect that you're seeing, and not the headers of the redirect itself?

greim
  • 9,149
  • 6
  • 34
  • 35
  • Sorry but I don't really understand what "Location: agnostic" means.. If it means that I simply can't get it in any way from XHR, is there any other way I can do what I want? – Michael S. Apr 08 '10 at 20:13
  • 1
    I mean that the API that XHR exposes to programmers has no concept of following Location: redirects. It is handled magically behind the curtain. Also see the [edit] I just added to the answer. – greim Apr 08 '10 at 20:26