Annotation of 2006/webapi/XMLHttpRequest/Overview.html, revision 1.167
1.1 avankest 1: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN">
1.2 avankest 2:
1.25 avankest 3: <html lang=en-US>
1.1 avankest 4: <head>
5: <title>The XMLHttpRequest Object</title>
1.2 avankest 6:
1.20 avankest 7: <style type="text/css">
1.118 avankest 8: pre.idl { border:solid thin; background:#eee; color:#000; padding:0.5em }
1.20 avankest 9: pre.idl :link, pre.idl :visited { color:inherit; background:transparent }
1.60 avankest 10: pre code { color:inherit; background:transparent }
1.20 avankest 11: div.example { margin-left:1em; padding-left:1em; border-left:double; color:#222; background:#fcfcfc }
1.90 avankest 12: .note { margin-left:2em; font-weight:bold; font-style:italic; color:#008000 }
1.20 avankest 13: p.note::before { content:"Note: " }
1.90 avankest 14: .issue { padding:.5em; border:solid #f00 }
1.20 avankest 15: p.issue::before { content:"Issue: " }
1.120 avankest 16: dl.switch { padding-left:2em }
17: dl.switch dt { text-indent:-1.5em }
18: dl.switch dt:before { content:'\21AA'; padding:0 0.5em 0 0; display:inline-block; width:1em; text-align:right; line-height:0.5em }
1.20 avankest 19: em.ct { text-transform:lowercase; font-variant:small-caps; font-style:normal }
20: dfn { font-weight:bold; font-style:normal }
21: code { color:orangered }
22: code :link, code :visited { color:inherit }
1.123 avankest 23: h1 code, h2 code, h3 code { color:inherit; background:inherit; font:inherit }
1.20 avankest 24: </style>
1.154 avankest 25: <link href="http://www.w3.org/StyleSheets/TR/W3C-ED" rel=stylesheet>
1.2 avankest 26:
1.1 avankest 27: <body>
1.25 avankest 28: <div class=head>
29: <p><a href="http://www.w3.org/"><img alt=W3C height=48
30: src="http://www.w3.org/Icons/w3c_home" width=72></a></p>
1.2 avankest 31:
1.157 avankest 32: <h1 class=head id=the-xmlhttprequest-object>The <code
1.14 avankest 33: title="">XMLHttpRequest</code> Object</h1>
1.2 avankest 34:
1.167 ! avankest 35: <h2 class="no-num no-toc" id=w3c-doctype>Editor's Draft 19 December 2007</h2>
1.2 avankest 36:
1.1 avankest 37: <dl>
1.154 avankest 38: <dt>This Version:
1.2 avankest 39:
40: <dd><a
1.154 avankest 41: href="http://dev.w3.org/2006/webapi/XMLHttpRequest/">http://dev.w3.org/2006/webapi/XMLHttpRequest/</a></dd>
1.167 ! avankest 42: <!--<dd><a href="http://www.w3.org/TR/2007/ED-XMLHttpRequest-20071219/">http://www.w3.org/TR/2007/WD-XMLHttpRequest-20071219/</a></dd>-->
1.2 avankest 43:
1.14 avankest 44: <dt>Latest Version:
1.2 avankest 45:
46: <dd><a
47: href="http://www.w3.org/TR/XMLHttpRequest/">http://www.w3.org/TR/XMLHttpRequest/</a>
48:
1.14 avankest 49: <dt>Previous Versions:
1.2 avankest 50:
51: <dd><a
1.155 avankest 52: href="http://www.w3.org/TR/2007/WD-XMLHttpRequest-20071026/">http://www.w3.org/TR/2007/WD-XMLHttpRequest-20071026/</a>
53:
54: <dd><a
1.134 avankest 55: href="http://www.w3.org/TR/2007/WD-XMLHttpRequest-20070618/">http://www.w3.org/TR/2007/WD-XMLHttpRequest-20070618/</a>
56:
57: <dd><a
1.60 avankest 58: href="http://www.w3.org/TR/2007/WD-XMLHttpRequest-20070227/">http://www.w3.org/TR/2007/WD-XMLHttpRequest-20070227/</a>
59:
60: <dd><a
1.25 avankest 61: href="http://www.w3.org/TR/2006/WD-XMLHttpRequest-20060927/">http://www.w3.org/TR/2006/WD-XMLHttpRequest-20060927/</a>
62:
63: <dd><a
1.2 avankest 64: href="http://www.w3.org/TR/2006/WD-XMLHttpRequest-20060619/">http://www.w3.org/TR/2006/WD-XMLHttpRequest-20060619/</a>
65:
66: <dd><a
67: href="http://www.w3.org/TR/2006/WD-XMLHttpRequest-20060405/">http://www.w3.org/TR/2006/WD-XMLHttpRequest-20060405/</a>
68:
69: <dt>Editor:
70:
71: <dd><a href="http://annevankesteren.nl/">Anne van Kesteren</a> (<a
72: href="http://www.opera.com/">Opera Software ASA</a>) <<a
73: href="mailto:annevk@opera.com">annevk@opera.com</a>>
1.1 avankest 74: </dl>
1.2 avankest 75:
1.25 avankest 76: <p class=copyright><a
1.2 avankest 77: href="http://www.w3.org/Consortium/Legal/ipr-notice#Copyright">Copyright</a>
1.53 avankest 78: © 2007 <a href="http://www.w3.org/"><acronym title="World Wide Web
79: Consortium">W3C</acronym></a><sup>®</sup> (<a
80: href="http://www.csail.mit.edu/"><acronym title="Massachusetts Institute
81: of Technology">MIT</acronym></a>, <a
82: href="http://www.ercim.org/"><acronym title="European Research Consortium
83: for Informatics and Mathematics">ERCIM</acronym></a>, <a
1.2 avankest 84: href="http://www.keio.ac.jp/">Keio</a>), All Rights Reserved. W3C <a
85: href="http://www.w3.org/Consortium/Legal/ipr-notice#Legal_Disclaimer">liability</a>,
86: <a
87: href="http://www.w3.org/Consortium/Legal/ipr-notice#W3C_Trademarks">trademark</a>
88: and <a
89: href="http://www.w3.org/Consortium/Legal/copyright-documents">document
90: use</a> rules apply.</p>
1.1 avankest 91: </div>
1.2 avankest 92:
93: <hr>
94:
1.25 avankest 95: <h2 class="no-num no-toc" id=specabstract>Abstract</h2>
1.2 avankest 96:
1.25 avankest 97: <p>The <code title="">XMLHttpRequest</code> Object specification defines an
98: <abbr title="Application Programming Interface">API</abbr> that provides
99: scripted client functionality for transferring data between a client and a
100: server.
101:
102: <h2 class="no-num no-toc" id=sotd>Status of this Document</h2>
1.2 avankest 103:
104: <p><em>This section describes the status of this document at the time of
105: its publication. Other documents may supersede this document. A list of
106: current W3C publications and the latest revision of this technical report
107: can be found in the <a href="http://www.w3.org/TR/">W3C technical reports
1.65 avankest 108: index</a> at http://www.w3.org/TR/.</em></p>
109: <!-- change back to Last Call -->
1.2 avankest 110:
1.167 ! avankest 111: <p>This is the 19 December 2007 Working Draft of The <code
1.148 avankest 112: title="">XMLHttpRequest</code> Object specification. Please send comments
113: to <a href="mailto:public-webapi@w3.org">public-webapi@w3.org</a> (<a
1.49 avankest 114: href="http://lists.w3.org/Archives/Public/public-webapi/">archived</a>)
115: with either <samp>[XHR]</samp> or <samp title="">[XMLHttpRequest]</samp>
1.65 avankest 116: at the start of the subject line<!-- by 2 April 2007-->.
1.49 avankest 117:
118: <p>This document is produced by the <a
119: href="http://www.w3.org/2006/webapi/">Web API Working Group</a>, part of
120: the <a href="http://www.w3.org/2006/rwc/Activity">Rich Web Clients
121: Activity</a> in the W3C <a
122: href="http://www.w3.org/Interaction/">Interaction Domain</a>. Changes made
123: to this document can be found in the <a
124: href="http://dev.w3.org/cvsweb/2006/webapi/XMLHttpRequest/Overview.html">W3C
125: public CVS server</a>.
1.2 avankest 126:
127: <p>Publication as a Working Draft does not imply endorsement by the W3C
128: Membership. This is a draft document and may be updated, replaced or
129: obsoleted by other documents at any time. It is inappropriate to cite this
130: document as other than work in progress.
131:
132: <p>This document was produced by a group operating under the <a
133: href="http://www.w3.org/Consortium/Patent-Policy-20040205/">5 February
1.54 avankest 134: 2004 W3C Patent Policy</a>. W3C maintains a <a
135: href="http://www.w3.org/2004/01/pp-impl/38482/status"
1.25 avankest 136: rel=disclosure>public list of any patent disclosures</a> made in
1.2 avankest 137: connection with the deliverables of the group; that page also includes
138: instructions for disclosing a patent. An individual who has actual
139: knowledge of a patent which the individual believes contains <a
140: href="http://www.w3.org/Consortium/Patent-Policy-20040205/#def-essential">Essential
141: Claim(s)</a> must disclose the information in accordance with <a
142: href="http://www.w3.org/Consortium/Patent-Policy-20040205/#sec-Disclosure">section
143: 6 of the W3C Patent Policy</a>.
144:
1.25 avankest 145: <h2 class="no-num no-toc" id=toc>Table of Contents</h2>
1.2 avankest 146: <!--begin-toc-->
147:
1.25 avankest 148: <ul class=toc>
149: <li><a href="#introduction"><span class=secno>1. </span>Introduction</a>
1.154 avankest 150:
151: <li><a href="#conformance"><span class=secno>2. </span>Conformance</a>
1.25 avankest 152: <ul class=toc>
1.154 avankest 153: <li><a href="#dependencies"><span class=secno>2.1.
154: </span>Dependencies</a>
1.2 avankest 155:
1.154 avankest 156: <li><a href="#terminology"><span class=secno>2.2. </span>Terminology</a>
1.25 avankest 157:
1.81 avankest 158:
1.154 avankest 159: <li><a href="#extensibility"><span class=secno>2.3.
160: </span>Extensibility</a>
161: </ul>
1.81 avankest 162:
1.154 avankest 163: <li><a href="#security"><span class=secno>3. </span>Security
164: Considerations</a>
1.2 avankest 165:
1.154 avankest 166: <li><a href="#xmlhttprequest"><span class=secno>4. </span>The <code
1.16 avankest 167: title="">XMLHttpRequest</code> Object</a>
1.25 avankest 168: <ul class=toc>
1.154 avankest 169: <li><a href="#events"><span class=secno>4.1. </span>Events for the <code
1.33 avankest 170: title="">XMLHttpRequest</code> Object</a>
171:
1.154 avankest 172: <li><a href="#exceptions"><span class=secno>4.2. </span>Exceptions for
1.33 avankest 173: the <code title="">XMLHttpRequest</code> Object</a>
1.11 avankest 174: </ul>
1.2 avankest 175:
1.31 avankest 176: <li class=no-num><a href="#notcovered">Not in this Specification</a>
177:
1.25 avankest 178: <li class=no-num><a href="#bibref">References</a>
1.2 avankest 179:
1.131 avankest 180: <li class=no-num><a href="#acknowledgments">Acknowledgments</a>
1.2 avankest 181: </ul>
182: <!--end-toc-->
183:
1.25 avankest 184: <h2 id=introduction><span class=secno>1. </span>Introduction</h2>
1.2 avankest 185:
186: <p><em>This section is non-normative.</em>
187:
1.60 avankest 188: <p>The <code><a href="#xmlhttprequest-object">XMLHttpRequest</a></code>
189: object implements an interface exposed by a scripting engine that allows
190: scripts to perform HTTP client functionality, such as submitting form data
191: or loading data from a server.
1.2 avankest 192:
193: <p>The name of the object is <code><a
1.60 avankest 194: href="#xmlhttprequest-object">XMLHttpRequest</a></code> for compatibility
1.128 avankest 195: with the Web, though each component of this name is potentially
1.60 avankest 196: misleading. First, the object supports any text based format, including
197: XML. Second, it can be used to make requests over both HTTP and HTTPS
198: (some implementations support protocols in addition to HTTP and HTTPS, but
199: that functionality is not covered by this specification). Finally, it
200: supports "requests" in a broad sense of the term as it pertains to HTTP;
201: namely all activity involved with HTTP requests or responses for the
202: defined HTTP methods.
1.2 avankest 203:
1.25 avankest 204: <div class=example>
1.18 avankest 205: <p>Some simple code to do something with data from an XML document fetched
206: over the network:</p>
207:
1.60 avankest 208: <pre><code>function test(data) {
1.18 avankest 209: // taking care of data
210: }
211:
212: function handler() {
1.118 avankest 213: if(this.readyState == 4 && this.status == 200) {
1.18 avankest 214: // so far so good
1.118 avankest 215: if(this.responseXML != null && this.responseXML.getElementById('test').firstChild.data)
216: // success!
1.18 avankest 217: test(this.responseXML.getElementById('test').firstChild.data);
218: else
219: test(null);
1.118 avankest 220: } else if (this.readyState == 4 && this.status != 200) {
1.18 avankest 221: // fetched the wrong page or network error...
222: test(null);
223: }
224: }
225:
226: var client = new XMLHttpRequest();
227: client.onreadystatechange = handler;
228: client.open("GET", "test.xml");
1.60 avankest 229: client.send();</code></pre>
1.18 avankest 230:
1.58 avankest 231: <p>If you just want to log a message to the server:</p>
1.18 avankest 232:
1.60 avankest 233: <pre><code>function log(message) {
1.18 avankest 234: var client = new XMLHttpRequest();
1.58 avankest 235: client.open("POST", "/log");
1.59 avankest 236: client.setRequestHeader("Content-Type", "text/plain;charset=UTF-8");
1.18 avankest 237: client.send(message);
1.60 avankest 238: }</code></pre>
1.18 avankest 239:
240: <p>Or if you want to check the status of a document on the server:</p>
241:
1.60 avankest 242: <pre><code>function fetchStatus(address) {
1.18 avankest 243: var client = new XMLHttpRequest();
244: client.onreadystatechange = function() {
245: // in case of network errors this might not give reliable results
246: if(this.readyState == 4)
247: returnStatus(this.status);
248: }
249: client.open("HEAD", address);
250: client.send();
1.60 avankest 251: }</code></pre>
1.18 avankest 252: </div>
1.2 avankest 253:
1.154 avankest 254: <h2 id=conformance><span class=secno>2. </span>Conformance</h2>
1.2 avankest 255:
1.29 avankest 256: <p>Everything in this specification is normative except for diagrams,
1.2 avankest 257: examples, notes and sections marked non-normative.
258:
1.25 avankest 259: <p>The key words <em class=ct>must</em>, <em class=ct>must not</em>, <em
1.75 avankest 260: class=ct>should</em> and <em class=ct>may</em> in this document are to be
261: interpreted as described in RFC 2119. [<cite><a
1.146 avankest 262: href="#ref-rfc2119">RFC2119</a></cite>]
1.2 avankest 263:
264: <p>This specification defines the following classes of products:
265:
266: <dl>
1.75 avankest 267: <dt><dfn id=conforming-user-agent>Conforming user agent</dfn>
1.2 avankest 268:
1.75 avankest 269: <dd>
270: <p>A user agent <em class=ct>must</em> behave as described in this
1.107 avankest 271: specification in order to be considered conformant.</p>
1.75 avankest 272:
1.141 avankest 273: <p>If the user agent is not a conforming XML user agent the <a
274: href="#xml-response-entity-body">XML response entity body</a> <em
275: class=ct>must</em> (always) be <code>null</code>.</p>
276:
277: <p>User agents <em class=ct>may</em> implement algorithms given in this
278: specification in any way desired, so long as the end result is
279: indistinguishable from the result that would be obtained by the
280: specification's algorithms.</p>
1.2 avankest 281:
1.96 avankest 282: <p class=note>This specification uses both the terms "conforming user
283: agent(s)" and "user agent(s)" to refer to this product class.</p>
284:
1.95 avankest 285: <dt><dfn id=conforming-xml-user-agent>Conforming XML user agent</dfn>
286:
287: <dd>
1.164 avankest 288: <p>An XML user agent <em class=ct>must</em> be a <a
289: href="#conforming-user-agent">conforming user agent</a> and <em
290: class=ct>must</em> be a conforming XML processor that reports violations
291: of namespace well-formedness. [<cite><a href="#ref-xml">XML</a></cite>]
292: [<cite><a href="#ref-xmlns">XMLNS</a></cite>]
1.2 avankest 293: </dl>
294:
1.154 avankest 295: <h3 id=dependencies><span class=secno>2.1. </span>Dependencies</h3>
1.2 avankest 296:
1.31 avankest 297: <p>This specification relies on several underlying specifications.
1.2 avankest 298:
1.31 avankest 299: <dl>
300: <dt>DOM
1.2 avankest 301:
1.31 avankest 302: <dd>
1.127 avankest 303: <p>A <a href="#conforming-user-agent" title="conforming user
304: agent">conforming user agent</a> <em class=ct>must</em> support some
1.151 avankest 305: subset of the functionality defined in DOM Events and DOM Core that this
306: specification relies upon. [<cite><a
1.156 avankest 307: href="#ref-dom2events">DOM2Events</a></cite>] [<cite><a
308: href="#ref-dom3core">DOM3Core</a></cite>]
1.2 avankest 309:
1.162 avankest 310: <dt>HTML 5
311:
312: <dd>
313: <p>This specification depends on HTML 5 for defining the
314: <code>Window</code> object and finding the character encoding of a
315: <code>text/html</code> resource. A <a
316: href="#conforming-user-agent">conforming user agent</a> <em
317: class=ct>must</em> support these features. [<cite><a
318: href="#ref-html5">HTML5</a></cite>]</p>
319:
320: <p class=note>The <a
321: href="http://www.w3.org/TR/2006/WD-Window-20060407/">Window Object
322: 1.0</a> draft is not referenced normatively as it appears to be no
323: longer maintained and HTML 5 defines the <code>Window</code> object
324: in more detail. This specification already depends on HTML 5 for
325: other reasons so there is not much additional overhead because of this.</p>
326:
1.31 avankest 327: <dt>HTTP
1.11 avankest 328:
1.31 avankest 329: <dd>
1.156 avankest 330: <p>A <a href="#conforming-user-agent">conforming user agent</a> <em
331: class=ct>must</em> support some version of the HTTP protocol. It <em
332: class=ct>should</em> support any HTTP method that matches the <a
333: href="#method"><code>Method</code> production</a> and <em
334: class=ct>must</em> at least support the following methods:</p>
1.81 avankest 335:
1.60 avankest 336: <ul>
337: <li><code>GET</code>
338:
339: <li><code>POST</code>
340:
341: <li><code>HEAD</code>
342:
343: <li><code>PUT</code>
344:
345: <li><code>DELETE</code>
346:
347: <li><code>OPTIONS</code>
348: </ul>
349:
350: <p>Other requirements regarding HTTP are made throughout the
1.146 avankest 351: specification. [<cite><a href="#ref-rfc2616">RFC2616</a></cite>]</p>
1.31 avankest 352: </dl>
1.2 avankest 353:
1.154 avankest 354: <h3 id=terminology><span class=secno>2.2. </span>Terminology</h3>
1.81 avankest 355:
356: <p>There is a <dfn id=case-insensitive-match>case-insensitive match</dfn>
1.154 avankest 357: of strings <var>s1</var> and <var>s2</var> if after mapping the ASCII
358: character range A-Z to the range a-z both strings are identical.
1.2 avankest 359:
1.142 avankest 360: <p>Two URIs are <dfn id=same-origin>same-origin</dfn> if after performing
361: scheme-based normalization on both URIs as described in section 5.3.3 of
1.146 avankest 362: RFC 3987 the scheme, ihost and port components are identical. If either
1.154 avankest 363: URI does not have an ihost component the URIs <em class=ct>must not</em>
364: be considered same-origin. [<cite><a
1.148 avankest 365: href="#ref-rfc3987">RFC3987</a></cite>]
1.142 avankest 366:
1.158 avankest 367: <p>The terms <dfn id=origin>origin</dfn> and <dfn
368: id=event-handler-attribute>event handler DOM attribute</dfn> are defined
369: by the HTML 5 specification. [<cite><a
370: href="#ref-html5">HTML5</a></cite>]
1.156 avankest 371:
1.154 avankest 372: <h3 id=extensibility><span class=secno>2.3. </span>Extensibility</h3>
1.2 avankest 373:
1.82 avankest 374: <p>Extensions of the API defined by this specification are <em>strongly
1.31 avankest 375: discouraged</em>. User agents, Working Groups and other interested parties
1.35 avankest 376: should discuss extensions on a relevant public forum, preferably <a
1.31 avankest 377: href="mailto:public-webapi@w3.org">public-webapi@w3.org</a>.
1.2 avankest 378:
1.154 avankest 379: <h2 id=security><span class=secno>3. </span>Security Considerations</h2>
380:
1.155 avankest 381: <p>Apart from requirements affecting security made throughout this
382: specification implementations <em class=ct>may</em>, at their discretion,
1.159 avankest 383: not expose certain headers, such as HttpOnly cookies.
1.154 avankest 384:
385: <h2 id=xmlhttprequest><span class=secno>4. </span>The <code
1.16 avankest 386: title="">XMLHttpRequest</code> Object</h2>
1.2 avankest 387:
1.60 avankest 388: <p>The <code><a href="#xmlhttprequest-object">XMLHttpRequest</a></code>
389: object can be used by scripts to programmatically connect to their
390: originating server via HTTP.
1.2 avankest 391:
392: <p>Objects implementing the <code><a
1.60 avankest 393: href="#xmlhttprequest-object">XMLHttpRequest</a></code> interface <em
394: class=ct>must</em> also implement the <code>EventTarget</code> interface.
1.156 avankest 395: [<cite><a href="#ref-dom2events">DOM2Events</a></cite>]
1.60 avankest 396:
397: <p>Objects implementing the <code title="">Window</code> interface <em
398: class=ct>must</em> provide an <code title="">XMLHttpRequest()</code>
1.156 avankest 399: constructor. [<cite><a href="#ref-html5">HTML5</a></cite>]
1.2 avankest 400:
1.25 avankest 401: <div class=example>
1.60 avankest 402: <p>In ECMAScript this can be used as follows:</p>
1.118 avankest 403:
1.60 avankest 404: <pre><code>var client = new XMLHttpRequest();</code></pre>
1.1 avankest 405: </div>
1.2 avankest 406:
1.60 avankest 407: <p>When the <code title="">XMLHttpRequest()</code> constructor is invoked a
1.158 avankest 408: persistent pointer to the associated <code title="">Document</code> object
409: is stored on the newly created object. This is the <dfn
410: id=document-pointer title="Document pointer"><code>Document</code>
411: pointer</dfn>. The associated <code>Document</code> object is the one
412: returned by the <code>document</code> attribute from the object on which
413: the <code title="">XMLHttpRequest()</code> constructor was invoked (a
414: <code>Window</code> object). The pointer can become "null" if the object
415: is destroyed.
416:
417: <p class=note>As per the conformance criteria implementations are free to
418: implement this in any way they desire as long as the end results are
419: identical to those given by the English prose.
1.2 avankest 420:
1.60 avankest 421: <div class=example>
1.158 avankest 422: <p>If <var><code>iframe</code></var> is a <code title="">Window</code>
423: object <var><code>client</code></var> will have a pointer to
424: <var><code>iframe.document</code></var> in the following example:</p>
1.60 avankest 425:
1.158 avankest 426: <pre><code>var client = new iframe.XMLHttpRequest()</code></pre>
1.60 avankest 427: </div>
1.11 avankest 428:
1.60 avankest 429: <pre
430: class=idl>interface <dfn id=xmlhttprequest-object>XMLHttpRequest</dfn> {
431: // event handler
1.132 avankest 432: attribute EventListener <a href="#onreadystatechange">onreadystatechange</a>;
1.60 avankest 433:
434: // state
1.135 avankest 435: const unsigned short <a href="#unsent-state" title="UNSENT state">UNSENT</a> = 0;
436: const unsigned short <a href="#opened-state" title="OPENED state">OPENED</a> = 1;
1.132 avankest 437: const unsigned short <a href="#headers-received-state" title="HEADERS_RECEIVED state">HEADERS_RECEIVED</a> = 2;
438: const unsigned short <a href="#loading-state" title="LOADING state">LOADING</a> = 3;
439: const unsigned short <a href="#done-state" title="DONE state">DONE</a> = 4;
440: readonly attribute unsigned short <a href="#readystate">readyState</a>;
1.60 avankest 441:
442: // request
1.132 avankest 443: void <a href="#open">open</a>(in DOMString <var>method</var>, in DOMString <var>url</var>);
444: void <a href="#open">open</a>(in DOMString <var>method</var>, in DOMString <var>url</var>, in boolean <var>async</var>);
445: void <a href="#open">open</a>(in DOMString <var>method</var>, in DOMString <var>url</var>, in boolean <var>async</var>, in DOMString <var>user</var>);
446: void <a href="#open">open</a>(in DOMString <var>method</var>, in DOMString <var>url</var>, in boolean <var>async</var>, in DOMString <var>user</var>, in DOMString <var>password</var>);
447: void <a href="#setrequestheader">setRequestHeader</a>(in DOMString <var>header</var>, in DOMString <var>value</var>);
448: void <a href="#send">send</a>();
449: void <a href="#send">send</a>(in DOMString <var>data</var>);
450: void <a href="#send">send</a>(in Document <var>data</var>);
451: void <a href="#abort">abort</a>();
1.60 avankest 452:
453: // response
1.132 avankest 454: DOMString <a href="#getallresponseheaders">getAllResponseHeaders</a>();
455: DOMString <a href="#getresponseheader">getResponseHeader</a>(in DOMString <var>header</var>);
456: readonly attribute DOMString <a href="#responsetext">responseText</a>;
457: readonly attribute Document <a href="#responsexml">responseXML</a>;
458: readonly attribute unsigned short <a href="#status">status</a>;
459: readonly attribute DOMString <a href="#statustext">statusText</a>;
1.5 avankest 460: };</pre>
1.2 avankest 461:
1.60 avankest 462: <p>The <code><a href="#xmlhttprequest-object">XMLHttpRequest</a></code>
1.135 avankest 463: object can be in five states: <a href="#unsent-state" title="UNSENT
464: state">UNSENT</a>, <a href="#opened-state" title="OPENED
465: state">OPENED</a>, <a href="#headers-received-state"
466: title="HEADERS_RECEIVED state">HEADERS_RECEIVED</a>, <a
467: href="#loading-state" title="LOADING state">LOADING</a> and <a
468: href="#done-state" title="DONE state">DONE</a>. The current state is
469: exposed through the <code><a href="#readystate">readyState</a></code>
470: attribute. The method definitions below define when a state transition
471: takes place.
1.60 avankest 472:
473: <p>When constructed, the <code><a
474: href="#xmlhttprequest-object">XMLHttpRequest</a></code> object <em
1.72 avankest 475: class=ct>must</em> be in the UNSENT state. This state is represented by
1.135 avankest 476: the <dfn id=unsent-state title="UNSENT state"><code>UNSENT</code></dfn>
1.72 avankest 477: constant, whose value is <code>0</code>.
1.60 avankest 478:
1.135 avankest 479: <p>The OPENED state is the state of the object when the <code><a
1.132 avankest 480: href="#open">open()</a></code> method has been successfully invoked.
1.93 avankest 481: During this state request headers can be set using <code><a
1.132 avankest 482: href="#setrequestheader">setRequestHeader()</a></code> and the request can
483: be made using <code><a href="#send">send()</a></code>. This state is
1.135 avankest 484: represented by the <dfn id=opened-state title="OPENED
485: state"><code>OPENED</code></dfn> constant, whose value is <code>1</code>.
1.60 avankest 486:
1.135 avankest 487: <p>The OPENED state has an associated <dfn id=send-flag><code>send()</code>
1.105 avankest 488: flag</dfn> which can be either "true" or "false". The initial value of the
489: <code title="">send()</code> flag is "false".
1.88 avankest 490:
1.124 avankest 491: <p>The HEADERS_RECEIVED state is the state of the object when all response
492: headers have been received. This state is represented by the <dfn
1.132 avankest 493: id=headers-received-state title="HEADERS_RECEIVED
1.124 avankest 494: state"><code>HEADERS_RECEIVED</code></dfn> constant, whose value is
495: <code>2</code>.
496:
497: <p>The LOADING state is the state of the object when the response entity
1.132 avankest 498: body is being received. This state is represented by the <dfn
499: id=loading-state title="LOADING state"><code>LOADING</code></dfn>
500: constant, whose value is <code>3</code>.
1.60 avankest 501:
1.80 avankest 502: <p>The DONE state is the state of the object when either the data transfer
503: has been completed or something went wrong during the transfer (infinite
1.132 avankest 504: redirects for instance). This state is represented by the <dfn
505: id=done-state title="DONE state"><code>DONE</code></dfn> constant, whose
506: value is <code>4</code>.
1.60 avankest 507:
1.125 avankest 508: <p>The DONE state has an associated <dfn id=error-flag>error flag</dfn>
509: which can be either "true" or "false". The initial value of the error flag
510: is "false".
511:
1.89 avankest 512: <p>The <dfn id=response-entity-body>response entity body</dfn> is the
1.132 avankest 513: fragment of the <a href="#entity-body">entity body</a> received so far
1.89 avankest 514: (LOADING state) or the complete entity body (DONE state). If there is no
515: entity body the response entity body is "null".
516:
517: <p>The <dfn id=text-response-entity-body>text response entity body</dfn> is
1.108 avankest 518: either a <code>DOMString</code> representing the <a
519: href="#response-entity-body">response entity body</a> or
1.127 avankest 520: <code>null</code>. The text response entity body is the return value of
521: the following algorithm:
1.89 avankest 522:
523: <ol>
1.91 avankest 524: <li>
1.108 avankest 525: <p>If the response entity body is "null" return <code>null</code> and
526: terminate these steps.</p>
1.91 avankest 527:
528: <li>
1.114 avankest 529: <p>Let <var>charset</var> be "null".
1.112 avankest 530:
531: <li>
1.91 avankest 532: <p>If there is no <code>Content-Type</code> header or there is a
533: <code>Content-Type</code> header which contains a MIME type that is
1.117 avankest 534: <code>text/xml</code>, <code>application/xml</code> or ends in <code
535: title="">+xml</code> (ignoring any parameters) use the rules set forth
1.127 avankest 536: in the XML specifications to determine the character encoding. Let
1.117 avankest 537: <var>charset</var> be the determined character encoding.
1.91 avankest 538:
539: <li>
1.128 avankest 540: <p>If there is a <code>Content-Type</code> header which contains a
1.146 avankest 541: <code>text/html</code> MIME type follow the rules set forth in the
542: HTML 5 specification to determine the character encoding. Let
1.143 avankest 543: <var>charset</var> be the determined character encoding. [<cite><a
1.146 avankest 544: href="#ref-html5">HTML5</a></cite>]
1.119 avankest 545:
546: <li>
1.141 avankest 547: <p>If the MIME type specified by the <code>Content-Type</code> header
548: contains a <code>charset</code> parameter and <var>charset</var> is
549: "null" let <var>charset</var> be the value of that parameter.</p>
1.116 avankest 550:
1.119 avankest 551: <p class=note>The algorithms described by the XML and HTML specifications
552: already take <code>Content-Type</code> into account.</p>
1.112 avankest 553:
554: <li> <!-- This stuff is copied from HTML5. Thanks Hixie! -->
1.114 avankest 555: <p>If <var>charset</var> is "null" then, for each of the rows in the
556: following table, starting with the first one and going down, if the
1.128 avankest 557: first bytes of <var>bytes</var> match the bytes given in the first
558: column, then let <var>charset</var> be the encoding given in the cell in
559: the second column of that row. If there is no match <var>charset</var>
560: remains "null".</p>
1.112 avankest 561:
562: <table>
563: <thead>
564: <tr>
565: <th>Bytes in Hexadecimal
566:
567: <th>Description
568:
569: <tbody>
570: <tr>
571: <td>00 00 FE FF
572:
573: <td>UTF-32BE BOM
574:
575: <tr>
576: <td>FF FE 00 00
577:
578: <td>UTF-32LE BOM
579:
580: <tr>
581: <td>FE FF
582:
583: <td>UTF-16BE BOM
584:
585: <tr>
586: <td>FF FE
587:
588: <td>UTF-16LE BOM
589:
590: <tr>
591: <td>EF BB BF
592:
1.118 avankest 593: <td>UTF-8 BOM<!-- nobody uses this
594: <tr>
595: <td>DD 73 66 73
596: <td>UTF-EBCDIC
1.112 avankest 597: -->
598:
599: </table>
600:
601: <li>
1.114 avankest 602: <p>If <var>charset</var> is "null" let <var>charset</var> be UTF-8.
1.91 avankest 603:
604: <li>
1.108 avankest 605: <p>Return the result of decoding the response entity body using
1.97 avankest 606: <var>charset</var>. Or, if that fails, return <code>null</code>.
1.89 avankest 607: </ol>
608:
1.164 avankest 609: <p class=note>Authors are encouraged to simply encode their resources using
610: UTF-8.
611:
1.108 avankest 612: <p>The <dfn id=xml-response-entity-body>XML response entity body</dfn> is
613: either a <code>Document</code> representing the <a
1.127 avankest 614: href="#response-entity-body">response entity body</a> or
615: <code>null</code>. The XML response entity body is the return value of the
616: following algorithm:
1.89 avankest 617:
618: <ol>
1.91 avankest 619: <li>
1.108 avankest 620: <p>If the response entity body is "null" terminate these steps and return
621: <code>null</code>.
1.89 avankest 622:
623: <li>
1.104 avankest 624: <p>If a <code>Content-Type</code> is present and it does not contain a
625: MIME type (ignoring any parameters) that is <code>text/xml</code>,
1.117 avankest 626: <code>application/xml</code> or ends in <code title="">+xml</code>
627: terminate these steps and return <code>null</code>. (Do not terminate
628: these steps if there is no <code>Content-Type</code> header at all.)
1.89 avankest 629:
630: <li>
1.129 avankest 631: <p>Parse the response entity body into a document tree following the
632: rules from the XML specifications. Let the result be <var>parsed
633: document</var>. If this fails (unsupported character encoding, namespace
634: well-formedness error et cetera) terminate these steps return
635: <code>null</code>. [<cite><a href="#ref-xml">XML</a></cite>] [<cite><a
636: href="#ref-xmlns">XMLNS</a></cite>]</p>
637:
638: <p class=note>Scripts in the resulting document tree will not be
639: executed, resources referenced will not be loaded and no associated XSLT
640: will be applied.</p>
1.89 avankest 641:
642: <li>
1.97 avankest 643: <p>Return an object implementing the <code>Document</code> interface
644: representing the <var>parsed document</var>.
1.89 avankest 645: </ol>
646:
1.6 avankest 647: <dl>
1.132 avankest 648: <dt><dfn id=onreadystatechange><code>onreadystatechange</code></dfn> of
1.158 avankest 649: type <code>EventListener</code>
1.2 avankest 650:
651: <dd>
1.158 avankest 652: <p>This attribute is an <a href="#event-handler-attribute">event handler
653: DOM attribute</a> and <em class=ct>must</em> be invoked whenever a
654: <code><a href="#readystatechange">readystatechange</a></code> event is
655: targated at the object.
1.2 avankest 656:
1.132 avankest 657: <dt><dfn id=readystate><code>readyState</code></dfn> of type
1.2 avankest 658: <code>unsigned short</code>, readonly
659:
660: <dd>
1.151 avankest 661: <p>On getting the attribute <em class=ct>must</em> return the value of
662: the constant corresponding to the object's current state.
1.2 avankest 663:
1.132 avankest 664: <dt><dfn id=open title=open><code>open(<var>method</var>, <var>url</var>,
665: <var>async</var>, <var>user</var>, <var>password</var>)</code></dfn>,
666: method
1.2 avankest 667:
1.60 avankest 668: <dd>
669: <p>When invoked, the user agent <em class=ct>must</em> follow the
1.97 avankest 670: following steps (unless otherwise indicated):</p>
1.2 avankest 671:
1.60 avankest 672: <ol>
673: <li>
1.157 avankest 674: <p>Let <var>stored method</var> be the <var>method</var> argument.
675:
676: <li>
677: <p>If <var>stored method</var> does not match the <dfn
678: id=method><code>Method</code> production</dfn>, defined in section
679: 5.1.1 of RFC 2616, raise a <code>SYNTAX_ERR</code> exception and
1.146 avankest 680: terminate these steps. [<cite><a
681: href="#ref-rfc2616">RFC2616</a></cite>]
1.2 avankest 682:
1.60 avankest 683: <li>
1.157 avankest 684: <p>If <var>stored method</var> <a href="#case-insensitive-match"
685: title="case-insensitive match">case-insensitively matches</a>
686: <code>CONNECT</code>, <code>DELETE</code>, <code>GET</code>,
687: <code>HEAD</code>, <code>OPTIONS</code> <code>POST</code>,
688: <code>PUT</code>, <code>TRACE</code>, or <code>TRACK</code> let
689: <var>stored method</var> be the canonical uppercase form of the
690: matched method name.
691: </li>
692: <!-- WebKit (and supposedly Firefox) also uppercase: COPY, INDEX, LOCK,
693: M-POST, MKCOL, MOVE, PROPFIND, PROPPATCH, and UNLOCK. -->
694:
695: <li>
696: <p>If <var>stored method</var> is one of <code>CONNECT</code>,
697: <code>TRACE</code>, or <code>TRACK</code> the user agent <em
698: class=ct>should</em> raise a <code><a
1.139 avankest 699: href="#security-err">SECURITY_ERR</a></code> exception and terminate
700: these steps.
1.2 avankest 701:
1.60 avankest 702: <li>
703: <p>Drop the fragment identifier (if any) from <var>url</var> and let
704: <var>stored url</var> be the result of that operation.
1.2 avankest 705:
1.60 avankest 706: <li>
1.97 avankest 707: <p>If <var>stored url</var> is a relative reference resolve it using
1.158 avankest 708: the current value of the <code>baseURI</code> attribute of the <a
709: href="#document-pointer"><code>Document</code> pointer</a>. If this
710: fails raise a <code>SYNTAX_ERR</code> exception and terminate these
711: steps.
1.2 avankest 712:
1.60 avankest 713: <li>
1.102 avankest 714: <p>If <var>stored url</var> contains an unsupported scheme raise a
715: <code>NOT_SUPPORTED_ERR</code> and terminate these steps.
716:
717: <li>
1.60 avankest 718: <p>If the <code>"user:password"</code> format in the
719: <code>userinfo</code> production defined in section 3.2.1 of RFC 3986
720: is not supported for the relevant scheme and <var>stored url</var>
1.99 avankest 721: contains this format raise a <code>SYNTAX_ERR</code> and terminate
722: these steps. [<cite><a href="#ref-rfc3986">RFC3986</a></cite>]
1.2 avankest 723:
1.60 avankest 724: <li>
725: <p>If <var>stored url</var> contains the <code>"user:password"</code>
726: format let <var>stored user</var> be the user part and <var>stored
727: password</var> be the password part.
1.2 avankest 728:
1.60 avankest 729: <li>
730: <p>If <var>stored url</var> just contains the <code>"user"</code>
731: format let <var>stored user</var> be the user part.
1.24 avankest 732:
1.60 avankest 733: <li>
1.142 avankest 734: <p>If <var>stored url</var> is not of the <a
1.158 avankest 735: href="#same-origin">same-origin</a> as the <a
736: href="#origin">origin</a> of the <a
737: href="#document-pointer"><code>Document</code> pointer</a> the user
738: agent <em class=ct>should</em> raise a <code><a
1.148 avankest 739: href="#security-err">SECURITY_ERR</a></code> exception and terminate
1.158 avankest 740: these steps.
1.70 avankest 741:
1.60 avankest 742: <li>
743: <p>Let <var>async</var> be the value of the <var>async</var> argument
1.103 avankest 744: or <code>true</code> if it was omitted.
1.60 avankest 745:
746: <li>
1.127 avankest 747: <p>If the <var>user</var> argument was not omitted, and its syntax does
748: not match that specified by the relevant authentication scheme, raise
749: a <code>SYNTAX_ERR</code> exception and terminate these steps.
1.60 avankest 750:
751: <li>
752: <p>If the <var>user</var> argument was not omitted and is not
753: <code>null</code> let <var>stored user</var> be <var>user</var>
754: encoded using the encoding specified in the relevant authentication
755: scheme or UTF-8 if the scheme fails to specify an encoding.</p>
1.2 avankest 756:
1.60 avankest 757: <p class=note>This step overrides any user that may have been set by
758: the <var>url</var> argument.</p>
1.17 avankest 759:
1.60 avankest 760: <li>
761: <p>If the <var>user</var> argument was not omitted and is
762: <code>null</code> remove <var>stored user</var>.
1.17 avankest 763:
1.60 avankest 764: <li>
765: <p>If the <var>password</var> argument was not omitted and its syntax
766: does not match that specified by the relevant authentication scheme
1.99 avankest 767: raise a <code>SYNTAX_ERR</code> exception and terminate these steps.
1.17 avankest 768:
1.60 avankest 769: <li>
770: <p>If the <var>password</var> argument was not omitted and is not
771: <code>null</code> let <var>stored password</var> be
772: <var>password</var> encoded using the encoding specified in the
773: relevant authentication scheme or UTF-8 if the scheme fails to specify
774: an encoding.
1.17 avankest 775:
1.60 avankest 776: <li>
777: <p>If the <var>password</var> argument was not omitted and is
778: <code>null</code> remove <var>stored password</var>.
1.17 avankest 779:
1.60 avankest 780: <li>
1.109 avankest 781: <p><a href="#abort-send-algorithm" title="abort send()">Abort the
782: <code>send()</code> algorithm</a>, set <a
783: href="#response-entity-body">response entity body</a> to "null" and
784: reset the list of request headers.
1.17 avankest 785:
1.60 avankest 786: <p>
1.44 avankest 787:
1.60 avankest 788: <li>
1.109 avankest 789: <p>The user agent <em class=ct>should</em> cancel any network activity
790: for which the object is responsible.
1.60 avankest 791: </li>
792: <!-- we can hardly require it... -->
1.22 avankest 793:
1.60 avankest 794: <li>
1.135 avankest 795: <p>Switch the object to the <a href="#opened-state" title="OPENED
796: state">OPENED</a> state, set the <a
1.132 avankest 797: href="#send-flag"><code>send()</code> flag</a> to "false" and then
798: synchronously dispatch a <code><a
799: href="#readystatechange">readystatechange</a></code> event on the
1.97 avankest 800: object and return the method call.
1.60 avankest 801: </ol>
1.24 avankest 802:
1.25 avankest 803: <p class=note>A future version or extension of this specification will
1.35 avankest 804: most likely define a way of doing cross-site requests.</p>
1.26 avankest 805:
1.132 avankest 806: <dt><dfn id=setrequestheader
1.25 avankest 807: title=setrequestheader><code>setRequestHeader(<var>header</var>,
1.18 avankest 808: <var>value</var>)</code></dfn>, method
1.6 avankest 809:
810: <dd>
1.164 avankest 811: <p>Each request has a list of request headers with associated values. The
812: <code><a href="#setrequestheader">setRequestHeader()</a></code> method
813: can be used to manipulate those values and set new request headers.</p>
814:
815: <p class=note>The <code><a
816: href="#setrequestheader">setRequestHeader()</a></code> method appends a
817: value if the HTTP header given as argument is already part of the list
818: of request headers.</p>
1.47 avankest 819:
1.60 avankest 820: <p>When invoked, the user agent <em class=ct>must</em> follow the
1.97 avankest 821: following steps (unless otherwise indicated):</p>
1.60 avankest 822:
823: <ol>
824: <li>
1.135 avankest 825: <p>If the state of the object is not <a href="#opened-state"
826: title="OPENED state">OPENED</a> raise an
827: <code>INVALID_STATE_ERR</code> exception and terminate these steps.
1.6 avankest 828:
1.60 avankest 829: <li>
1.104 avankest 830: <p>If the <a href="#send-flag"><code>send()</code> flag</a> is "true"
1.99 avankest 831: raise an <code>INVALID_STATE_ERR</code> exception and terminate these
1.97 avankest 832: steps.
1.60 avankest 833:
834: <li>
1.98 avankest 835: <p>If the <var>header</var> argument does not match the <dfn
1.60 avankest 836: id=field-name><code>field-name</code> production</dfn> as defined by
1.97 avankest 837: section 4.2 of RFC 2616 or is <code>null</code> raise a
1.99 avankest 838: <code>SYNTAX_ERR</code> exception and terminate these steps. [<cite><a
1.146 avankest 839: href="#ref-rfc2616">RFC2616</a></cite>]
1.71 avankest 840:
841: <li>
1.99 avankest 842: <p>If the <var>value</var> argument is <code>null</code> terminate
843: these steps. (Do not raise an exception.)
1.71 avankest 844: </li>
845: <!-- undefined is to be treated as null here... -->
1.60 avankest 846:
847: <li>
1.98 avankest 848: <p>If the <var>value</var> argument does not match the <dfn
1.60 avankest 849: id=field-value><code>field-value</code> production</dfn> as defined by
1.99 avankest 850: section 4.2 of RFC 2616 raise a <code>SYNTAX_ERR</code> and terminate
1.146 avankest 851: these steps. [<cite><a href="#ref-rfc2616">RFC2616</a></cite>]
1.60 avankest 852:
853: <li>
1.133 avankest 854: <p>For security reasons, these steps <em class=ct>should</em> be
1.99 avankest 855: terminated if the <var>header</var> argument <a
856: href="#case-insensitive-match" title="case-insensitive
857: match">case-insensitively matches</a> one of the following headers:</p>
1.34 avankest 858:
859: <ul>
860: <li><code>Accept-Charset</code>
861:
862: <li><code>Accept-Encoding</code>
863:
1.69 avankest 864: <li><code>Connection</code>
865:
1.34 avankest 866: <li><code>Content-Length</code>
867:
1.69 avankest 868: <li><code>Content-Transfer-Encoding</code>
869:
870: <li><code>Date</code>
871:
1.34 avankest 872: <li><code>Expect</code>
873:
874: <li><code>Host</code>
875:
876: <li><code>Keep-Alive</code>
877:
878: <li><code>Referer</code>
879:
880: <li><code>TE</code>
881:
882: <li><code>Trailer</code>
883:
884: <li><code>Transfer-Encoding</code>
885:
886: <li><code>Upgrade</code>
1.69 avankest 887:
888: <li><code>Via</code>
1.34 avankest 889: </ul>
1.6 avankest 890:
1.60 avankest 891: <li>
1.133 avankest 892: <p>Also for security reasons, these steps <em class=ct>should</em> be
893: terminated if the first six characters of the <var>header</var>
894: argument <a href="#case-insensitive-match" title="case-insensitive
895: match">case-insensitively match</a> <code>Proxy-</code>.
896:
897: <li>
1.60 avankest 898: <p>If the <var>header</var> argument is not in the list of request
1.97 avankest 899: headers append the <var>header</var> with its associated
1.99 avankest 900: <var>value</var> to the list and terminate these steps.
1.46 avankest 901:
1.60 avankest 902: <li>
903: <p>If the <var>header</var> argument is in the list of request headers
1.97 avankest 904: either use multiple headers, combine the values or use a combination
905: of those (section 4.2, RFC 2616). [<cite><a
1.146 avankest 906: href="#ref-rfc2616">RFC2616</a></cite>]
1.97 avankest 907: </li>
908: <!-- XXX it seems UAs always combine the values -->
1.60 avankest 909: </ol>
1.18 avankest 910:
1.132 avankest 911: <p class=note>See also the <code><a href="#send">send()</a></code> method
912: regarding user agent header handling for caching, authentication,
1.47 avankest 913: proxies, and cookies.</p>
914:
1.25 avankest 915: <div class=example>
1.60 avankest 916: <pre><code>// The following script:
1.18 avankest 917: var client = new XMLHttpRequest();
918: client.open('GET', 'demo.cgi');
919: client.setRequestHeader('X-Test', 'one');
920: client.setRequestHeader('X-Test', 'two');
921: client.send();
922:
923: // ...would result in the following header being sent:
924: ...
925: X-Test: one, two
1.60 avankest 926: ...</code></pre>
1.18 avankest 927: </div>
1.6 avankest 928:
1.132 avankest 929: <dt><dfn id=send title=send><code>send(<var>data</var>)</code></dfn>,
1.25 avankest 930: method
1.2 avankest 931:
932: <dd>
1.132 avankest 933: <p>The <code><a href="#send">send()</a></code> method initiates the
1.107 avankest 934: request and its optional argument provides the <a
1.164 avankest 935: href="#entity-body">entity body</a>.</p>
936:
937: <p class=note>Authors are encouraged to ensure that they have specified
938: the <code>Content-Type</code> header via <code><a
939: href="#setrequestheader">setRequestHeader()</a></code> before invoking
940: <code><a href="#send">send()</a></code> with a non-<code>null</code>
941: <var>data</var> argument.</p>
1.60 avankest 942:
943: <p>When invoked, the user agent <em class=ct>must</em> follow the
1.109 avankest 944: following steps (unless otherwise noted). Note that this algorithm might
1.132 avankest 945: get aborted if the <code><a href="#open">open()</a></code> or <code><a
946: href="#abort">abort()</a></code> method is invoked. When the <dfn
947: id=abort-send-algorithm title="abort send()"><code>send()</code>
948: algorithm is aborted</dfn> the user agent <em class=ct>must</em>
949: terminate the algorithm after finishing the step it is on.</p>
1.109 avankest 950:
951: <p class=note>The following algorithm can not be aborted through script
952: when <var>async</var> is <code>false</code>. It can only be aborted when
953: <var>async</var> is <code>true</code> and only after the method call has
954: returned.</p>
1.60 avankest 955:
956: <ol>
957: <li>
1.135 avankest 958: <p>If the state of the object is not <a href="#opened-state"
959: title="OPENED state">OPENED</a> raise an
960: <code>INVALID_STATE_ERR</code> exception and terminate these steps.
1.60 avankest 961:
962: <li>
1.104 avankest 963: <p>If the <a href="#send-flag"><code>send()</code> flag</a> is "true"
1.99 avankest 964: raise an <code>INVALID_STATE_ERR</code> exception and terminate these
1.97 avankest 965: steps.
1.60 avankest 966:
967: <li>
1.104 avankest 968: <p>If <var>async</var> is <code>true</code> set the <a
969: href="#send-flag"><code>send()</code> flag</a> to "true".
1.103 avankest 970:
971: <li>
1.167 ! avankest 972: <p>If <var>stored method</var> is <code>GET</code> act as if the
! 973: <var>data</var> argument is <code>null</code>.</p>
! 974:
1.60 avankest 975: <p>If the <var>data</var> argument has not been omitted and is not
1.132 avankest 976: <code>null</code> use it for the <dfn id=entity-body>entity body</dfn>
977: as defined by section 7.2 of RFC 2616 observing the following rules:
1.146 avankest 978: [<cite><a href="#ref-rfc2616">RFC2616</a></cite>]</p>
1.60 avankest 979:
1.120 avankest 980: <dl class=switch>
1.60 avankest 981: <dt><var>data</var> is a <code>DOMString</code>
982:
1.79 avankest 983: <dd>
1.164 avankest 984: <p>Encode <var>data</var> using UTF-8 for transmission.</p>
985:
1.165 avankest 986: <p>If a <code>Content-Type</code> header is set using <code><a
987: href="#setrequestheader">setRequestHeader()</a></code> set the
988: <code>charset</code> parameter of that header to <code>UTF-8</code>.</p>
1.60 avankest 989:
990: <dt><var>data</var> is a <code>Document</code>
991:
992: <dd>
1.97 avankest 993: <p>Serialize <var>data</var> into a namespace well-formed XML
994: document and encoded using the encoding given by
1.166 avankest 995: <code><var>data</var>.inputEncoding</code>, when not
996: <code>null</code>, or UTF-8 otherwise. Or, if this fails because the
997: <code>Document</code> cannot be serialized act as if <var>data</var>
998: is <code>null</code>.</p>
999:
1000: <p>If no <code>Content-Type</code> header has been set using <code><a
1001: href="#setrequestheader">setRequestHeader()</a></code> append a
1002: <code>Content-Type</code> header to the list of request headers with
1003: a value of <code>application/xml;charset=<var>charset</var></code>
1004: where <var>charset</var> is the encoding used to encode the
1005: document.</p>
1.60 avankest 1006:
1007: <p class=note>Subsequent changes to the <code>Document</code> have no
1008: effect on what is submitted.</p>
1009:
1010: <dt><var>data</var> is not a <code>DOMString</code> or
1011: <code>Document</code>
1012:
1.79 avankest 1013: <dd>
1.97 avankest 1014: <p>Use the stringification mechanisms of the host language on
1015: <var>data</var> and treat the result as if <var>data</var> is a
1.167 ! avankest 1016: <code>DOMString</code>. Or, if this fails, act as if the
! 1017: <var>data</var> argument is <code>null</code>.
1.60 avankest 1018: </dl>
1019:
1.127 avankest 1020: <p>If the <var>data</var> argument has been omitted, or is
1021: <code>null</code>, no entity body is used in the request.</p>
1.60 avankest 1022:
1023: <li>
1.72 avankest 1024: <p>Make a request to <var>stored url</var>, using HTTP method
1025: <var>stored method</var>, user <var>stored user</var> (if provided)
1026: and password <var>stored password</var> (if provided), taking into
1027: account the entity body, list of request headers and the rules listed
1028: directly after this set of steps.
1.60 avankest 1029:
1030: <li>
1.97 avankest 1031: <p>Synchronously dispatch a <code><a
1.132 avankest 1032: href="#readystatechange">readystatechange</a></code> event on the
1.97 avankest 1033: object.</p>
1034:
1035: <p class=note>The state of the object does not change. The event is
1036: dispatched for historical reasons.</p>
1.68 avankest 1037:
1038: <li>
1.103 avankest 1039: <p>If <var>async</var> is <code>true</code> return the <code><a
1.132 avankest 1040: href="#send">send()</a></code> method call. (Do not terminate the
1.103 avankest 1041: steps in the algorithm though.)
1.60 avankest 1042:
1043: <li>
1.124 avankest 1044: <p>While downloading the resource the following rules are to be
1045: observed.</p>
1.119 avankest 1046:
1.120 avankest 1047: <dl class=switch>
1.119 avankest 1048: <dt>If the response is an HTTP redirect
1049:
1050: <dd>
1.146 avankest 1051: <p>If the redirect does not violate security (it is <a
1052: href="#same-origin">same-origin</a> for instance) or infinite loop
1053: precautions and the scheme is supported transparently follow the
1.167 ! avankest 1054: redirect and go to the start of this step (step 8).</p>
1.119 avankest 1055:
1056: <p class=note>HTTP places requirements on the user agent regarding
1057: the preservation of the request method and entity body during
1058: redirects, and also requires users to be notified of certain kinds
1059: of automatic redirections.</p>
1060: <!-- Arguably HTTP should be fixed for the latter case. No browser
1061: follows that as far as I know. -->
1062:
1063: <p>Otherwise, follow the following set of steps:</p>
1064:
1065: <ol>
1066: <li>
1.125 avankest 1067: <p>Set the <a href="#response-entity-body">response entity body</a>
1068: to "null", the <a href="#error-flag">error flag</a> to "true" and
1069: reset the list of request headers.
1.119 avankest 1070:
1071: <li>
1.132 avankest 1072: <p>Synchronously switch the state to <a href="#done-state"
1073: title="DONE state">DONE</a>.
1.119 avankest 1074:
1075: <li>
1076: <p>If <var>async</var> is set to <code>false</code> raise a
1077: <code><a href="#network-err">NETWORK_ERR</a></code> exception and
1078: terminate the overall algorithm.
1079:
1080: <li>
1081: <p>Synchronously dispatch a <code><a
1.132 avankest 1082: href="#readystatechange">readystatechange</a></code> event on the
1083: object.
1.119 avankest 1084:
1085: <li>
1086: <p>Terminate the overall algorithm.
1087: </ol>
1088:
1089: <p class=note>It is likely that a future version of the <code><a
1090: href="#xmlhttprequest-object">XMLHttpRequest</a></code> object will
1091: dispatch an <code>error</code> event here as well.</p>
1092:
1093: <dt>If the user cancels the download
1094:
1095: <dd>
1096: <p>Run the following set of steps:</p>
1097:
1098: <ol>
1099: <li>
1.125 avankest 1100: <p>Set the <a href="#response-entity-body">response entity body</a>
1101: to "null", the <a href="#error-flag">error flag</a> to "true" and
1102: reset the list of request headers.
1.119 avankest 1103:
1104: <li>
1.132 avankest 1105: <p>Synchronously switch the state to <a href="#done-state"
1106: title="DONE state">DONE</a>.
1.119 avankest 1107:
1108: <li>
1.122 avankest 1109: <p>If <var>async</var> is set to <code>false</code> raise an
1110: <code><a href="#abort-err">ABORT_ERR</a></code> exception and
1.119 avankest 1111: terminate the overall algorithm.
1112:
1113: <li>
1114: <p>Synchronously dispatch a <code><a
1.132 avankest 1115: href="#readystatechange">readystatechange</a></code> event on the
1116: object.
1.119 avankest 1117:
1118: <li>
1119: <p>Terminate the overall algorithm.
1120: </ol>
1121:
1122: <p class=note>It is likely that a future version of the <code><a
1123: href="#xmlhttprequest-object">XMLHttpRequest</a></code> object will
1.122 avankest 1124: dispatch an <code title="">abort</code> event here as well.</p>
1.119 avankest 1125:
1126: <dt>In case of network errors
1.118 avankest 1127:
1.119 avankest 1128: <dd>
1.127 avankest 1129: <p>In case of DNS errors, or other type of network errors, run the
1130: following set of steps. <span class=note>This does not include HTTP
1131: responses that indicate some type of error, such as HTTP status code
1.119 avankest 1132: 410.</span></p>
1133:
1134: <ol>
1135: <li>
1.125 avankest 1136: <p>Set the <a href="#response-entity-body">response entity body</a>
1137: to "null", the <a href="#error-flag">error flag</a> to "true" and
1138: reset the list of request headers.
1.119 avankest 1139:
1140: <li>
1.132 avankest 1141: <p>Synchronously switch the state to <a href="#done-state"
1142: title="DONE state">DONE</a>.
1.119 avankest 1143:
1144: <li>
1145: <p>If <var>async</var> is set to <code>false</code> raise a
1146: <code><a href="#network-err">NETWORK_ERR</a></code> exception and
1147: terminate the overall algorithm.
1148:
1149: <li>
1150: <p>Synchronously dispatch a <code><a
1.132 avankest 1151: href="#readystatechange">readystatechange</a></code> event on the
1152: object.
1.119 avankest 1153:
1154: <li>
1155: <p>Terminate the overall algorithm.
1156: </ol>
1157:
1158: <p class=note>It is likely that a future version of the <code><a
1159: href="#xmlhttprequest-object">XMLHttpRequest</a></code> object will
1160: dispatch an <code>error</code> event here as well.</p>
1161:
1162: <dt>Once all HTTP headers have been received
1.60 avankest 1163:
1.119 avankest 1164: <dd>
1165: <p>If all HTTP headers have been received, before receiving the
1.124 avankest 1166: message body (if any), run the following steps:</p>
1.60 avankest 1167:
1.119 avankest 1168: <ol>
1169: <li>
1.132 avankest 1170: <p>Synchronously switch the state to <a
1171: href="#headers-received-state" title="HEADERS_RECEIVED
1172: state">HEADERS_RECEIVED</a>.
1.119 avankest 1173:
1174: <li>
1175: <p>Synchronously dispatch a <code><a
1.132 avankest 1176: href="#readystatechange">readystatechange</a></code> event on the
1177: object.
1.124 avankest 1178: </ol>
1179:
1180: <dt>Once the first byte (or more) of the response entity body has been
1181: received
1182:
1183: <dt>If there is no response entity body
1.119 avankest 1184:
1.124 avankest 1185: <dd>
1186: <ol>
1.119 avankest 1187: <li>
1.132 avankest 1188: <p>Synchronously switch the state to <a href="#loading-state"
1.119 avankest 1189: title="LOADING state">LOADING</a>.
1190:
1191: <li>
1192: <p>Synchronously dispatch a <code><a
1.132 avankest 1193: href="#readystatechange">readystatechange</a></code> event on the
1194: object.
1.119 avankest 1195: </ol>
1196: </dl>
1.60 avankest 1197:
1.125 avankest 1198: <p>Finally, once the complete resource has been downloaded go to the
1199: next step.</p>
1.60 avankest 1200:
1201: <li>
1.83 avankest 1202: <p>When the request has successfully completed loading, synchronously
1.132 avankest 1203: switch the state to <a href="#done-state" title="DONE state">DONE</a>
1204: and then synchronously dispatch a <code><a
1205: href="#readystatechange">readystatechange</a></code> event on the
1.97 avankest 1206: object and return the method call in case of <var>async</var> being
1207: <code>false</code>.
1.60 avankest 1208: </ol>
1.19 avankest 1209:
1.92 avankest 1210: <p>If the user agent allows the user to configure a proxy it <em
1.25 avankest 1211: class=ct>should</em> modify the request appropriately; <abbr title="in
1.2 avankest 1212: other words">i.e.</abbr>, connect to the proxy host instead of the
1213: origin server, modify the <code>Request-Line</code> and send
1214: <code>Proxy-Authorization</code> headers as specified.</p>
1215:
1.44 avankest 1216: <p>If the user agent supports HTTP Authentication it <em
1217: class=ct>should</em> consider requests originating from this object to
1218: be part of the protection space that includes the accessed URIs and send
1.19 avankest 1219: <code>Authorization</code> headers and handle <code>401
1.138 avankest 1220: Unauthorized</code> requests appropriately. If authentication fails,
1.44 avankest 1221: user agents <em class=ct>should</em> prompt the users for credentials.
1222: [<cite><a href="#ref-rfc2617">RFC2617</a></cite>]</p>
1.19 avankest 1223:
1.59 avankest 1224: <p>If the user agent supports HTTP State Management it <em
1.44 avankest 1225: class=ct>should</em> persist, discard and send cookies (as received in
1226: the <code>Set-Cookie</code> and <code>Set-Cookie2</code> response
1227: headers, and sent in the <code>Cookie</code> header) as applicable.
1.51 avankest 1228: [<cite><a href="#ref-rfc2965">RFC2965</a></cite>]</p>
1.164 avankest 1229: <!-- It has been said that RFC2965 does not match reality. -->
1.44 avankest 1230: <p>If the user agent implements a HTTP cache it <em class=ct>should</em>
1231: respect <code>Cache-Control</code> request headers set by the script
1232: (<abbr title="for example">e.g.</abbr>, <code>Cache-Control:
1233: no-cache</code> bypasses the cache). It <em class=ct>must not</em> send
1.25 avankest 1234: <code>Cache-Control</code> or <code>Pragma</code> request headers
1.138 avankest 1235: automatically unless the user explicitly requests such behavior
1.44 avankest 1236: (<abbr>e.g.</abbr>, by (force-)reloading the page). <code>304 Not
1237: Modified</code> responses that are a result of a user agent generated
1238: conditional request <em class=ct>must</em> be presented as <code>200
1.59 avankest 1239: OK</code> responses with the appropriate content. The user agent <em
1.44 avankest 1240: class=ct>must</em> allow scripts to override automatic cache validation
1241: by setting request headers (e.g., <code>If-None-Match</code>,
1.16 avankest 1242: <code>If-Modified-Since</code>), in which case <code>304 Not
1.44 avankest 1243: Modified</code> responses <em class=ct>must</em> be passed through.
1.146 avankest 1244: [<cite><a href="#ref-rfc2616">RFC2616</a></cite>]</p>
1.2 avankest 1245:
1.44 avankest 1246: <p>If the user agent implements server-driven content-negotiation it <em
1.162 avankest 1247: class=ct>should</em> set <code>Accept-Encoding</code> and
1248: <code>Accept-Charset</code> headers as appropriate; it <em class=ct>must
1.163 avankest 1249: not</em> automatically set the <code>Accept</code>. If the
1250: <code>Accept-Language</code> header is not set using <code><a
1251: href="#setrequestheader">setRequestHeader()</a></code> user agents <em
1252: class=ct>should</em> provide it. Responses to such requests <em
1.128 avankest 1253: class=ct>must</em> have the content-encodings automatically decoded.
1.146 avankest 1254: [<cite><a href="#ref-rfc2616">RFC2616</a></cite>]</p>
1.18 avankest 1255:
1.132 avankest 1256: <dt><dfn id=abort><code>abort()</code></dfn>, method
1.6 avankest 1257:
1258: <dd>
1.62 avankest 1259: <p>When invoked, the user agent <em class=ct>must</em> run the following
1.97 avankest 1260: steps (unless otherwise noted):</p>
1.6 avankest 1261:
1.62 avankest 1262: <ol>
1263: <li>
1.109 avankest 1264: <p><a href="#abort-send-algorithm" title="abort send()">Abort the
1265: <code>send()</code> algorithm</a>, set the <a
1.125 avankest 1266: href="#response-entity-body">response entity body</a> to "null", the
1.136 avankest 1267: <a href="#error-flag">error flag</a> to "true" and remove any
1268: registered request headers.
1.62 avankest 1269:
1270: <li>
1.109 avankest 1271: <p>The user agent <em class=ct>should</em> cancel any network activity
1272: for which the object is responsible.
1.62 avankest 1273:
1.80 avankest 1274: <li>
1.135 avankest 1275: <p>If the state is <a href="#unsent-state" title="UNSENT
1276: state">UNSENT</a>, <a href="#opened-state" title="OPENED
1277: state">OPENED</a> and the <a href="#send-flag"><code>send()</code>
1278: flag</a> is "false", or <a href="#done-state" title="DONE
1279: state">DONE</a> go to the next step.</p>
1.84 avankest 1280:
1.132 avankest 1281: <p>Otherwise, switch the state to <a href="#done-state" title="DONE
1.136 avankest 1282: state">DONE</a>, set the <a href="#send-flag"><code>send()</code>
1283: flag</a> to "false" and synchronously dispatch a <code><a
1.132 avankest 1284: href="#readystatechange">readystatechange</a></code> event on the
1.84 avankest 1285: object.</p>
1.68 avankest 1286:
1.62 avankest 1287: <li>
1.135 avankest 1288: <p>Switch the state to <a href="#unsent-state" title="UNSENT
1.98 avankest 1289: state">UNSENT</a>. (Do not dispatch the <code><a
1.132 avankest 1290: href="#readystatechange">readystatechange</a></code> event.)</p>
1.62 avankest 1291:
1.83 avankest 1292: <p class=note>It is likely that a future version of the <code><a
1293: href="#xmlhttprequest-object">XMLHttpRequest</a></code> object will
1294: dispatch an <code title="">abort</code> event here as well.</p>
1.62 avankest 1295: </ol>
1.26 avankest 1296:
1.6 avankest 1297: <dt><dfn
1.132 avankest 1298: id=getallresponseheaders><code>getAllResponseHeaders()</code></dfn>,
1.13 avankest 1299: method
1.2 avankest 1300:
1301: <dd>
1.62 avankest 1302: <p>When invoked, the user agent <em class=ct>must</em> run the following
1303: steps:</p>
1.60 avankest 1304:
1305: <ol>
1.77 avankest 1306: <li>
1.135 avankest 1307: <p>If the state is <a href="#unsent-state" title="UNSENT
1308: state">UNSENT</a> or <a href="#opened-state" title="OPENED
1309: state">OPENED</a> raise an <code>INVALID_STATE_ERR</code> exception
1310: and terminate these steps.
1.125 avankest 1311:
1312: <li>
1313: <p>If the <a href="#error-flag">error flag</a> is "true" return
1314: <code>null</code> and terminate these steps.
1.77 avankest 1315:
1316: <li>
1.97 avankest 1317: <p>Return all the HTTP headers, as a single string, with each header
1318: line separated by a U+000D CR U+000A LF pair excluding the status
1319: line.
1.60 avankest 1320: </ol>
1.6 avankest 1321:
1.25 avankest 1322: <div class=example>
1.60 avankest 1323: <pre><code>// The following script:
1.6 avankest 1324: var client = new XMLHttpRequest();
1.18 avankest 1325: client.open("GET", "test.txt", true);
1.6 avankest 1326: client.send();
1.16 avankest 1327: client.onreadystatechange = function() {
1.17 avankest 1328: if(this.readyState == 3) {
1.16 avankest 1329: print(this.getAllResponseHeaders());
1330: }
1331: }
1.6 avankest 1332:
1333: // ...should output something similar to the following text:
1334: Date: Sun, 24 Oct 2004 04:58:38 GMT
1335: Server: Apache/1.3.31 (Unix)
1336: Keep-Alive: timeout=15, max=99
1337: Connection: Keep-Alive
1338: Transfer-Encoding: chunked
1.60 avankest 1339: Content-Type: text/plain; charset=utf-8</code></pre>
1.6 avankest 1340: </div>
1341:
1.132 avankest 1342: <dt><dfn id=getresponseheader
1.25 avankest 1343: title=getresponseheader><code>getResponseHeader(<var>header</var>)</code></dfn>,
1.13 avankest 1344: method
1.2 avankest 1345:
1.6 avankest 1346: <dd>
1.60 avankest 1347: <p>When the method is invoked, the user agent <em class=ct>must</em> run
1348: the following steps:</p>
1349:
1350: <ol>
1.77 avankest 1351: <li>
1.135 avankest 1352: <p>If the state is <a href="#unsent-state" title="UNSENT
1353: state">UNSENT</a> or <a href="#opened-state" title="OPENED
1354: state">OPENED</a> raise an <code>INVALID_STATE_ERR</code> exception
1355: and terminate these steps.
1.125 avankest 1356:
1357: <li>
1.150 avankest 1358: <p>If the <var>header</var> argument does not match the <a
1359: href="#field-name"><code>field-name</code> production</a> return the
1360: empty string and terminate these steps.
1361:
1362: <li>
1.125 avankest 1363: <p>If the <a href="#error-flag">error flag</a> is "true" return
1364: <code>null</code> and terminate these steps.
1.17 avankest 1365:
1.77 avankest 1366: <li>
1.81 avankest 1367: <p>If the <var>header</var> argument <a href="#case-insensitive-match"
1368: title="case-insensitive match">case-insensitively matches</a> multiple
1.128 avankest 1369: HTTP headers for the last request sent, return the values of these
1.97 avankest 1370: headers as a single concatenated string separated from each other by
1.99 avankest 1371: an U+002C COMMA followed by an U+0020 SPACE and terminate these steps.
1.77 avankest 1372:
1373: <li>
1.81 avankest 1374: <p>If the <var>header</var> argument <a href="#case-insensitive-match"
1375: title="case-insensitive match">case-insensitively matches</a> a single
1.97 avankest 1376: HTTP header for the last request sent return the value of that header
1.99 avankest 1377: and terminate these steps.
1.77 avankest 1378:
1379: <li>
1.97 avankest 1380: <p>Return <code>null</code>.
1.60 avankest 1381: </ol>
1.17 avankest 1382:
1.25 avankest 1383: <div class=example>
1.60 avankest 1384: <pre><code>// The following script:
1.1 avankest 1385: var client = new XMLHttpRequest();
1.18 avankest 1386: client.open("GET", "test.txt", true);
1.6 avankest 1387: client.send();
1.16 avankest 1388: client.onreadystatechange = function() {
1.17 avankest 1389: if(this.readyState == 3) {
1.18 avankest 1390: print(client.getResponseHeader("Content-Type"));
1.16 avankest 1391: }
1392: }
1.1 avankest 1393:
1.6 avankest 1394: // ...should output something similar to the following text:
1.164 avankest 1395: text/plain; charset=utf-8</code></pre>
1.2 avankest 1396: </div>
1397:
1.132 avankest 1398: <dt><dfn id=responsetext><code>responseText</code></dfn> of type
1.9 avankest 1399: <code>DOMString</code>, readonly
1.6 avankest 1400:
1401: <dd>
1.89 avankest 1402: <p>On getting, the user agent <em class=ct>must</em> run the following
1403: steps:</p>
1404:
1405: <ol>
1406: <li>
1.132 avankest 1407: <p>If the state is not <a href="#loading-state" title="LOADING
1408: state">LOADING</a> or <a href="#done-state" title="DONE
1409: state">DONE</a> raise an <code>INVALID_STATE_ERR</code> exception and
1410: terminate these steps.
1.6 avankest 1411:
1.89 avankest 1412: <li>
1413: <p>Return the <a href="#text-response-entity-body">text response entity
1414: body</a>.
1415: </ol>
1.12 avankest 1416:
1.132 avankest 1417: <dt><dfn id=responsexml><code>responseXML</code></dfn> of type
1.9 avankest 1418: <code>Document</code>, readonly
1.6 avankest 1419:
1420: <dd>
1.76 avankest 1421: <p>On getting, the user agent <em class=ct>must</em> run the following
1422: steps:</p>
1423:
1424: <ol>
1425: <li>
1.132 avankest 1426: <p>If the state is not <a href="#done-state" title="DONE
1427: state">DONE</a> raise an <code>INVALID_STATE_ERR</code> exception and
1428: terminate these steps.
1.76 avankest 1429:
1430: <li>
1.89 avankest 1431: <p>Return the <a href="#xml-response-entity-body">XML response entity
1432: body</a>.
1.76 avankest 1433: </ol>
1.12 avankest 1434:
1.132 avankest 1435: <dt><dfn id=status><code>status</code></dfn> of type <code>unsigned
1.9 avankest 1436: short</code>, readonly
1.6 avankest 1437:
1438: <dd>
1.73 avankest 1439: <p>On getting, if available, it <em class=ct>must</em> return the HTTP
1440: status code sent by the server (typically <code>200</code> for a
1441: successful request). Otherwise, if not available, the user agent <em
1442: class=ct>must</em> raise an <code>INVALID_STATE_ERR</code> exception.</p>
1.12 avankest 1443:
1.132 avankest 1444: <dt><dfn id=statustext><code>statusText</code></dfn> of type
1.9 avankest 1445: <code>DOMString</code>, readonly
1.2 avankest 1446:
1.6 avankest 1447: <dd>
1.73 avankest 1448: <p>On getting, if available, it <em class=ct>must</em> return the HTTP
1449: status text sent by the server (appears after the status code).
1450: Otherwise, if not available, the user agent <em class=ct>must</em> raise
1451: an <code>INVALID_STATE_ERR</code> exception.</p>
1.2 avankest 1452: </dl>
1453:
1.154 avankest 1454: <h3 id=events><span class=secno>4.1. </span>Events for the <code
1.33 avankest 1455: title="">XMLHttpRequest</code> Object</h3>
1.2 avankest 1456:
1.135 avankest 1457: <p>This section describes the various events that can be dispatched on
1458: objects implementing the <code><a
1.60 avankest 1459: href="#xmlhttprequest-object">XMLHttpRequest</a></code> interface. For
1460: this version of the specification only one event is defined.
1.2 avankest 1461:
1.1 avankest 1462: <dl>
1.132 avankest 1463: <dt><dfn id=readystatechange><code>readystatechange</code></dfn>
1.2 avankest 1464:
1.73 avankest 1465: <dd>When the user agent dispatches a <code
1466: title="">readystatechange</code> event (as indicated above) it <em
1467: class=ct>must not</em> bubble, <em class=ct>must not</em> be cancelable
1468: and <em class=ct>must</em> implement the <code>Event</code> interface.
1469: Its <code>namespaceURI</code> attribute <em class=ct>must</em> be
1.146 avankest 1470: <code>null</code>. [<cite><a
1.156 avankest 1471: href="#ref-dom2events">DOM2Events</a></cite>]
1.1 avankest 1472: </dl>
1.2 avankest 1473:
1.154 avankest 1474: <h3 id=exceptions><span class=secno>4.2. </span>Exceptions for the <code
1.33 avankest 1475: title="">XMLHttpRequest</code> Object</h3>
1476:
1.139 avankest 1477: <p>Several algorithms in this specification may result in an exception
1478: being thrown. These exceptions are all part of the group
1479: <code>ExceptionCode</code> and use the <code>DOMException</code> object
1480: which is defined in DOM Level 3 Core. In addition this specification
1481: extends the <code>ExceptionCode</code> group with several new constants as
1.146 avankest 1482: indicated below. [<cite><a href="#ref-dom3core">DOM3Core</a></cite>]
1.139 avankest 1483:
1.34 avankest 1484: <pre
1.139 avankest 1485: class=idl>const unsigned short <a href="#security-err">SECURITY_ERR</a> = 18;
1.122 avankest 1486: const unsigned short <a href="#network-err">NETWORK_ERR</a> = 101;
1487: const unsigned short <a href="#abort-err">ABORT_ERR</a> = 102;</pre>
1.33 avankest 1488:
1.139 avankest 1489: <p>The <dfn id=security-err><code>SECURITY_ERR</code></dfn> exception is
1490: raised if an attempt is made to perform an operation or access some data
1491: in a way that would be a security risk or a violation of the user agent's
1492: security policy.</p>
1493: <!-- http://lists.w3.org/Archives/Public/public-webapi/2006May/0027.html -->
1494:
1495: <p class=note>The <code title="">SECURITY_ERR</code> exception is expected
1496: to be eventually folded into an update of the the DOM Level 3 Core
1497: specification with an equivalent definition and identical constant value.
1498: Until that happens it is defined here to guide implementors. (This is also
1.154 avankest 1499: the reason the constant value is not in line with the other exceptions.)
1.139 avankest 1500:
1.35 avankest 1501: <p>The <dfn id=network-err><code>NETWORK_ERR</code></dfn> exception is
1.139 avankest 1502: raised when a network error occurs in synchronous requests.
1.122 avankest 1503:
1.139 avankest 1504: <p>The <dfn id=abort-err><code>ABORT_ERR</code></dfn> exception is raised
1.122 avankest 1505: when the user aborts a request in synchronous requests.
1506:
1.31 avankest 1507: <h2 class=no-num id=notcovered>Not in this Specification</h2>
1508:
1.144 avankest 1509: <p><em>This section is non-normative.</em>
1.31 avankest 1510:
1.73 avankest 1511: <p>This specification does not include the following features which are
1512: being considered for a future version of this specification:
1.31 avankest 1513:
1514: <ul>
1515: <li><code>load</code> event and <code>onload</code> attribute;
1516:
1517: <li><code>error</code> event and <code>onerror</code> attribute;
1518:
1519: <li><code>progress</code> event and <code>onprogress</code> attribute;
1520:
1521: <li><code title="">abort</code> event and <code>onabort</code> attribute;
1522:
1523: <li>Timers have been suggested, perhaps an <code>ontimeout</code>
1524: attribute;
1525:
1526: <li>Property to disable following redirects;
1527:
1.32 avankest 1528: <li><code title="">responseXML</code> for <code>text/html</code>
1529: documents;
1.31 avankest 1530:
1.42 avankest 1531: <li>Cross-site <code title="">XMLHttpRequest</code>;
1532:
1.88 avankest 1533: <li><code>responseBody</code> to deal with byte streams;
1.42 avankest 1534:
1.115 avankest 1535: <li><code>overrideMimeType</code> to fix up MIME types;
1536:
1.88 avankest 1537: <li><code>getRequestHeader()</code> and
1538: <code>removeRequestHeader()</code>.
1.31 avankest 1539: </ul>
1540:
1.25 avankest 1541: <h2 class=no-num id=bibref>References</h2>
1.2 avankest 1542:
1.7 avankest 1543: <dl>
1.156 avankest 1544: <dt>[<dfn id=ref-dom2events>DOM2Events</dfn>]
1545:
1546: <dd><cite><a href="http://www.w3.org/TR/DOM-Level-2-Events/">Document
1.161 avankest 1547: Object Model (DOM) Level 2 Events Specification</a></cite>, T. Pixley,
1548: editor. W3C, November 2000.
1.156 avankest 1549:
1.146 avankest 1550: <dt>[<dfn id=ref-dom3core>DOM3Core</dfn>]
1.2 avankest 1551:
1.15 avankest 1552: <dd><cite><a href="http://www.w3.org/TR/DOM-Level-3-Core">Document Object
1553: Model (DOM) Level 3 Core Specification</a></cite>, A. Le Hors, P. Le
1.140 avankest 1554: Hégaret, L. Wood, G. Nicol, J. Robie, M. Champion, S. Byrne,
1555: editors. W3C, April 2004.
1.2 avankest 1556:
1.39 avankest 1557: <dt>[<dfn id=ref-ecmascript>ECMAScript</dfn>]
1.18 avankest 1558:
1559: <dd><cite><a
1560: href="http://www.ecma-international.org/publications/standards/Ecma-262.htm">ECMAScript
1561: Language Specification</a></cite>, Third Edition. ECMA, December 1999.
1562:
1.146 avankest 1563: <dt>[<dfn id=ref-html5>HTML5</dfn>]
1.143 avankest 1564:
1565: <dd><cite><a
1566: href="http://www.whatwg.org/specs/web-apps/current-work/">HTML 5</a></cite>
1.147 avankest 1567: (work in progress), Ian Hickson, editor. WHATWG, 2007.
1.18 avankest 1568:
1.146 avankest 1569: <dt>[<dfn id=ref-rfc2119>RFC2119</dfn>]
1.15 avankest 1570:
1.118 avankest 1571: <dd><cite><a href="http://ietf.org/rfc/rfc2119">Key words for use in RFCs
1572: to Indicate Requirement Levels</a></cite>, S. Bradner. IETF, March 1997.
1.15 avankest 1573:
1.146 avankest 1574: <dt>[<dfn id=ref-rfc2616>RFC2616</dfn>]
1.15 avankest 1575:
1576: <dd><cite><a href="http://ietf.org/rfc/rfc2616">Hypertext Transfer
1577: Protocol -- HTTP/1.1</a></cite>, R. Fielding, J. Gettys, J. Mogul, H.
1.93 avankest 1578: Frystyk, L. Masinter, P. Leach, T. Berners-Lee, editors. IETF, June 1999.
1.15 avankest 1579:
1.39 avankest 1580: <dt>[<dfn id=ref-rfc2617>RFC2617</dfn>]
1.15 avankest 1581:
1582: <dd><cite><a href="http://ietf.org/rfc/rfc2617">HTTP Authentication: Basic
1.93 avankest 1583: and Digest Access Authentication</a></cite>, P. Hallam-Baker, J.
1584: Hostetler, S. Lawrence, P. Leach, A. Luotonen, L. Stewart, editors. IETF,
1585: June 1999.
1.2 avankest 1586:
1.39 avankest 1587: <dt>[<dfn id=ref-rfc2965>RFC2965</dfn>]
1.2 avankest 1588:
1.22 avankest 1589: <dd><cite><a href="http://ietf.org/rfc/rfc2965">HTTP State Management
1590: Mechanism</a></cite>, D. Kristol, L. Montulli, editors. IETF, October
1591: 2000.
1592:
1.39 avankest 1593: <dt>[<dfn id=ref-rfc3986>RFC3986</dfn>]
1.2 avankest 1594:
1.15 avankest 1595: <dd><cite><a href="http://ietf.org/rfc/rfc3986">Uniform Resource
1596: Identifier (URI): Generic Syntax</a></cite>, T. Berners-Lee, R. Fielding,
1597: L. Masinter, editors. IETF, January 2005.
1.30 avankest 1598:
1.142 avankest 1599: <dt>[<dfn id=ref-rfc3987>RFC3987</dfn>]
1600:
1601: <dd><cite><a href="http://ietf.org/rfc/rfc3987">Internationalized Resource
1602: Identifiers (IRIs)</a></cite>, M. Duerst, M. Suignard, editors. IETF,
1603: January 2005.
1604:
1.43 avankest 1605: <dt>[<dfn id=ref-xml>XML</dfn>]
1606:
1607: <dd><cite><a href="http://www.w3.org/TR/xml/">Extensible Markup Language
1608: (XML) 1.0 (Fourth Edition)</a></cite>, T. Bray, J. Paoli, C.
1.118 avankest 1609: Sperberg-McQueen, E. Maler, F. Yergeau, editors. W3C, September 2006.
1.43 avankest 1610:
1611: <dt>[<dfn id=ref-xmlns>XMLNS</dfn>]
1612:
1613: <dd><cite><a href="http://www.w3.org/TR/xml-names/">Namespaces in XML
1.118 avankest 1614: (Second Edition)</a></cite>, T. Bray, D. Hollander, A. Layman, R. Tobin,
1615: editors. W3C, August 2006.
1.2 avankest 1616: </dl>
1617:
1.131 avankest 1618: <h2 class=no-num id=acknowledgments>Acknowledgments</h2>
1.2 avankest 1619:
1.164 avankest 1620: <p>The editor would like to thank Addison Phillips, Ahmed Kamel, Alex
1621: Hopmann, Alex Vincent, Alexey Proskuryakov, Asbjørn Ulsberg, Boris
1622: Zbarsky, Björn Höhrmann, Cameron McCormack, Christophe Jolif,
1623: Charles McCathieNevile, Dan Winship, David Håsäther, Dean
1624: Jackson, Denis Sureau, Doug Schepers, Douglas Livingstone, Elliotte
1625: Harold, Eric Lawrence, Geoffrey Sneddon, Gideon Cohn, Gorm Haug Eriksen,
1626: Hallvord R. M. Steen, Håkon Wium Lie, Ian Davis, Ian Hickson, Ivan
1627: Herman, Jeff Walden, Jens Lindström, Jim Deegan, Jim Ley, Joe Farro,
1628: Jonas Sicking, Julian Reschke, Karl Dubost, Maciej Stachowiak, Magnus
1629: Kristiansen, Marc Hadley, Marcos Caceres, Mark Baker, Mark Nottingham,
1630: Mohamed Zergaoui, Pawel Glowacki, Robin Berjon, Ruud Steltenpool, Simon
1631: Pieters, Stewart Brodie, Sunava Dutta, Tom Magliery and Zhenbin Xu for
1632: their contributions to this specification.
1.2 avankest 1633:
1634: <p>Special thanks to the Microsoft employees who first implemented the
1.144 avankest 1635: <code title="">XMLHttpRequest</code> interface, which was first widely
1636: deployed by the Windows Internet Explorer browser.
1.2 avankest 1637:
1.56 avankest 1638: <p>Special thanks also to the WHATWG for drafting an initial version of
1.131 avankest 1639: this specification in their Web Applications 1.0 document (now renamed to
1.146 avankest 1640: HTML 5). [<cite><a href="#ref-html5">HTML5</a></cite>]
1.2 avankest 1641:
1642: <p>Thanks also to all those who have helped to improve this specification
1643: by sending suggestions and corrections. (Please, keep bugging us with your
1644: issues!)
Webmaster
![[BACK]](/https/dev.w3.org/cvsweb/icons/back.gif){kind=icon}
Return to Overview.html CVS log ![[TXT]](/https/dev.w3.org/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/https/dev.w3.org/cvsweb/icons/dir.gif){kind=icon}
Up to [Public] / 2006 / webapi / XMLHttpRequest