[vchess.git] / client / src / utils / ajax.js

import params from "../parameters"; //for server URL

// TODO: replace by fetch API ?
// https://www.sitepoint.com/xmlhttprequest-vs-the-fetch-api-whats-best-for-ajax-in-2019/
// Problem: fetch() does not set req.xhr... see access/ajax() security especially for /whoami

// From JSON (encoded string values!) to "arg1=...&arg2=..."
function toQueryString(data)
{
	let data_str = "";
	Object.keys(data).forEach(k => {
		data_str += k + "=" + encodeURIComponent(data[k]) + "&";
	});
	return data_str.slice(0, -1); //remove last "&"
}

// data, error: optional
export function ajax(url, method, data, success, error)
{
	let xhr = new XMLHttpRequest();
	if (data === undefined || typeof(data) === "function") //no data
	{
		error = success;
		success = data;
		data = {};
	}
  if (!success)
    success = () => {}; //by default, do nothing
	if (!error)
		error = errmsg => { alert(errmsg); };
	xhr.onreadystatechange = function() {
		if (this.readyState == 4 && this.status == 200)
		{
      let res_json = "";
			try {
				res_json = JSON.parse(xhr.responseText);
      } catch (e) {
				// Plain text (e.g. for rules retrieval)
				return success(xhr.responseText);
      }
      if (!res_json.errmsg && !res_json.errno)
        success(res_json);
			else
      {
        if (!!res_json.errmsg)
				  error(res_json.errmsg);
        else
          error(res_json.code + ". errno = " + res_json.errno);
      }
		}
	};

	if (["GET","DELETE"].includes(method) && !!data)
	{
		// Append query params to URL
		url += "/?" + toQueryString(data);
	}
	xhr.open(method, params.serverUrl + url, true);
	xhr.setRequestHeader('X-Requested-With', "XMLHttpRequest");
	// Next line to allow cross-domain cookies in dev mode (TODO: if...)
  if (params.cors)
    xhr.withCredentials = true;
  if (["POST","PUT"].includes(method))
	{
		xhr.setRequestHeader("Content-Type", "application/json;charset=UTF-8");
		xhr.send(JSON.stringify(data));
	}
	else
		xhr.send();
}
Commit	Line	Data
03470390 BA	1	import params from "../parameters"; //for server URL
03470390 BA	2
e64c6f67 BA	3	// TODO: replace by fetch API ?
e64c6f67 BA	4	// https://www.sitepoint.com/xmlhttprequest-vs-the-fetch-api-whats-best-for-ajax-in-2019/
317b8a56	5	// Problem: fetch() does not set req.xhr... see access/ajax() security especially for /whoami
e64c6f67	6
da06a6eb BA	7	// From JSON (encoded string values!) to "arg1=...&arg2=..."
	8	function toQueryString(data)
	9	{
	10	let data_str = "";
	11	Object.keys(data).forEach(k => {
b57dbd12	12	data_str += k + "=" + encodeURIComponent(data[k]) + "&";
da06a6eb BA	13	});
	14	return data_str.slice(0, -1); //remove last "&"
	15	}
	16
	17	// data, error: optional
625022fd	18	export function ajax(url, method, data, success, error)
da06a6eb BA	19	{
da06a6eb BA	20	let xhr = new XMLHttpRequest();
b4de2e73	21	if (data === undefined \|\| typeof(data) === "function") //no data
da06a6eb BA	22	{
	23	error = success;
	24	success = data;
	25	data = {};
	26	}
b4de2e73 BA	27	if (!success)
b4de2e73 BA	28	success = () => {}; //by default, do nothing
da06a6eb BA	29	if (!error)
da06a6eb BA	30	error = errmsg => { alert(errmsg); };
da06a6eb BA	31	xhr.onreadystatechange = function() {
	32	if (this.readyState == 4 && this.status == 200)
	33	{
1aeed627	34	let res_json = "";
da06a6eb	35	try {
1aeed627 BA	36	res_json = JSON.parse(xhr.responseText);
1aeed627 BA	37	} catch (e) {
da06a6eb	38	// Plain text (e.g. for rules retrieval)
1aeed627 BA	39	return success(xhr.responseText);
1aeed627 BA	40	}
6f57a976	41	if (!res_json.errmsg && !res_json.errno)
1aeed627 BA	42	success(res_json);
1aeed627 BA	43	else
6f57a976 BA	44	{
	45	if (!!res_json.errmsg)
	46	error(res_json.errmsg);
	47	else
	48	error(res_json.code + ". errno = " + res_json.errno);
	49	}
da06a6eb BA	50	}
	51	};
	52
	53	if (["GET","DELETE"].includes(method) && !!data)
	54	{
	55	// Append query params to URL
	56	url += "/?" + toQueryString(data);
	57	}
03470390	58	xhr.open(method, params.serverUrl + url, true);
da06a6eb	59	xhr.setRequestHeader('X-Requested-With', "XMLHttpRequest");
deca03e8	60	// Next line to allow cross-domain cookies in dev mode (TODO: if...)
98f48579 BA	61	if (params.cors)
98f48579 BA	62	xhr.withCredentials = true;
1aeed627	63	if (["POST","PUT"].includes(method))
da06a6eb BA	64	{
	65	xhr.setRequestHeader("Content-Type", "application/json;charset=UTF-8");
	66	xhr.send(JSON.stringify(data));
	67	}
	68	else
	69	xhr.send();
	70	}