Avoid CORS nuisance during rewrite test

diff --git a/wcfsetup/install/files/js/WoltLabSuite/Core/Acp/Ui/Option/RewriteTest.js b/wcfsetup/install/files/js/WoltLabSuite/Core/Acp/Ui/Option/RewriteTest.js
index e33d1a5ea9773d8e4a25c01ffa9bc5137c55127a..e4598999d21838d3fbdc84440d896831cfd2d52d 100644 (file)
--- a/wcfsetup/install/files/js/WoltLabSuite/Core/Acp/Ui/Option/RewriteTest.js
+++ b/wcfsetup/install/files/js/WoltLabSuite/Core/Acp/Ui/Option/RewriteTest.js
@@ -73,6 +73,8 @@ define(['AjaxRequest', 'Language', 'Ui/Dialog'], function (AjaxRequest, Language
                                                ignoreError: true,
                                                // bypass the LinkHandler, because rewrites aren't enabled yet
                                                url: url,
+                                               type: 'GET',
+                                               includeRequestedWith: false,
                                                success: function(data) {
                                                        if (!data.hasOwnProperty('core_rewrite_test') || data.core_rewrite_test !== 'passed') {
                                                                failure();

diff --git a/wcfsetup/install/files/js/WoltLabSuite/Core/Ajax/Request.js b/wcfsetup/install/files/js/WoltLabSuite/Core/Ajax/Request.js
index 77d50adbb6919507b37fb81d19e4ed884204d290..c1a23cfa34ebe72139a36159fd60fc3d31433878 100644 (file)
--- a/wcfsetup/install/files/js/WoltLabSuite/Core/Ajax/Request.js
+++ b/wcfsetup/install/files/js/WoltLabSuite/Core/Ajax/Request.js
@@ -46,6 +46,7 @@ define(['Core', 'Language', 'Dom/ChangeListener', 'Dom/Util', 'Ui/Dialog', 'Wolt
                                ignoreError: false,
                                pinData: false,
                                silent: false,
+                               includeRequestedWith: true,
                                
                                // callbacks
                                failure: null,
@@ -67,7 +68,8 @@ define(['Core', 'Language', 'Dom/ChangeListener', 'Dom/Util', 'Ui/Dialog', 'Wolt
                        }
                        
                        if (this._options.url.indexOf(WSC_API_URL) === 0) {
-                               // allows allow credentials when querying the very own server
+                               this._options.includeRequestedWith = true;
+                               // always include credentials when querying the very own server
                                this._options.withCredentials = true;
                        }
                        
@@ -113,7 +115,9 @@ define(['Core', 'Language', 'Dom/ChangeListener', 'Dom/Util', 'Ui/Dialog', 'Wolt
                        if (this._options.contentType) {
                                this._xhr.setRequestHeader('Content-Type', this._options.contentType);
                        }
-                       this._xhr.setRequestHeader('X-Requested-With', 'XMLHttpRequest');
+                       if (this._options.withCredentials || this._options.includeRequestedWith) {
+                               this._xhr.setRequestHeader('X-Requested-With', 'XMLHttpRequest');
+                       }
                        if (this._options.withCredentials) {
                                this._xhr.withCredentials = true;
                        }