import params from "../parameters"; //for server URL
+// TODO: replace by fetch API ?
+// https://www.sitepoint.com/xmlhttprequest-vs-the-fetch-api-whats-best-for-ajax-in-2019/
+// Problem: fetch() does not set req.xhr... see access/ajax() security especially for /whoami
+
// From JSON (encoded string values!) to "arg1=...&arg2=..."
function toQueryString(data)
{
export function ajax(url, method, data, success, error)
{
let xhr = new XMLHttpRequest();
- if (typeof(data) === "function") //no data
+ if (data === undefined || typeof(data) === "function") //no data
{
error = success;
success = data;
data = {};
}
+ if (!success)
+ success = () => {}; //by default, do nothing
if (!error)
error = errmsg => { alert(errmsg); };
-
xhr.onreadystatechange = function() {
if (this.readyState == 4 && this.status == 200)
{
+ let res_json = "";
try {
- let res_json = JSON.parse(xhr.responseText);
- if (!res_json.errmsg)
- success(res_json);
- else
- error(res_json.errmsg);
- } catch (e) {
+ res_json = JSON.parse(xhr.responseText);
+ } catch (e) {
// Plain text (e.g. for rules retrieval)
- success(xhr.responseText);
- }
+ return success(xhr.responseText);
+ }
+ if (!res_json.errmsg && !res_json.errno)
+ success(res_json);
+ else
+ {
+ if (!!res_json.errmsg)
+ error(res_json.errmsg);
+ else
+ error(res_json.code + ". errno = " + res_json.errno);
+ }
}
};
}
xhr.open(method, params.serverUrl + url, true);
xhr.setRequestHeader('X-Requested-With', "XMLHttpRequest");
- if (["POST","PUT"].includes(method))
+ // Next line to allow cross-domain cookies in dev mode (TODO: if...)
+ if (params.cors)
+ xhr.withCredentials = true;
+ if (["POST","PUT"].includes(method))
{
xhr.setRequestHeader("Content-Type", "application/json;charset=UTF-8");
xhr.send(JSON.stringify(data));