Annotation of 2006/webapi/XMLHttpRequest/Overview.html, revision 1.170
1.1 avankest 1: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN">
1.2 avankest 2:
1.25 avankest 3: <html lang=en-US>
1.1 avankest 4: <head>
5: <title>The XMLHttpRequest Object</title>
1.2 avankest 6:
1.20 avankest 7: <style type="text/css">
1.118 avankest 8: pre.idl { border:solid thin; background:#eee; color:#000; padding:0.5em }
1.20 avankest 9: pre.idl :link, pre.idl :visited { color:inherit; background:transparent }
1.60 avankest 10: pre code { color:inherit; background:transparent }
1.20 avankest 11: div.example { margin-left:1em; padding-left:1em; border-left:double; color:#222; background:#fcfcfc }
1.90 avankest 12: .note { margin-left:2em; font-weight:bold; font-style:italic; color:#008000 }
1.20 avankest 13: p.note::before { content:"Note: " }
1.90 avankest 14: .issue { padding:.5em; border:solid #f00 }
1.20 avankest 15: p.issue::before { content:"Issue: " }
1.120 avankest 16: dl.switch { padding-left:2em }
17: dl.switch dt { text-indent:-1.5em }
18: dl.switch dt:before { content:'\21AA'; padding:0 0.5em 0 0; display:inline-block; width:1em; text-align:right; line-height:0.5em }
1.20 avankest 19: em.ct { text-transform:lowercase; font-variant:small-caps; font-style:normal }
20: dfn { font-weight:bold; font-style:normal }
21: code { color:orangered }
22: code :link, code :visited { color:inherit }
1.123 avankest 23: h1 code, h2 code, h3 code { color:inherit; background:inherit; font:inherit }
1.20 avankest 24: </style>
1.154 avankest 25: <link href="http://www.w3.org/StyleSheets/TR/W3C-ED" rel=stylesheet>
1.2 avankest 26:
1.1 avankest 27: <body>
1.25 avankest 28: <div class=head>
29: <p><a href="http://www.w3.org/"><img alt=W3C height=48
30: src="http://www.w3.org/Icons/w3c_home" width=72></a></p>
1.2 avankest 31:
1.157 avankest 32: <h1 class=head id=the-xmlhttprequest-object>The <code
1.14 avankest 33: title="">XMLHttpRequest</code> Object</h1>
1.2 avankest 34:
1.168 avankest 35: <h2 class="no-num no-toc" id=w3c-doctype>Editor's Draft 25 February 2008</h2>
1.2 avankest 36:
1.1 avankest 37: <dl>
1.154 avankest 38: <dt>This Version:
1.2 avankest 39:
40: <dd><a
1.154 avankest 41: href="http://dev.w3.org/2006/webapi/XMLHttpRequest/">http://dev.w3.org/2006/webapi/XMLHttpRequest/</a></dd>
1.168 avankest 42: <!--<dd><a href="http://www.w3.org/TR/2008/ED-XMLHttpRequest-20080225/">http://www.w3.org/TR/2008/WD-XMLHttpRequest-20080225/</a></dd>-->
1.2 avankest 43:
1.14 avankest 44: <dt>Latest Version:
1.2 avankest 45:
46: <dd><a
47: href="http://www.w3.org/TR/XMLHttpRequest/">http://www.w3.org/TR/XMLHttpRequest/</a>
48:
1.14 avankest 49: <dt>Previous Versions:
1.2 avankest 50:
51: <dd><a
1.155 avankest 52: href="http://www.w3.org/TR/2007/WD-XMLHttpRequest-20071026/">http://www.w3.org/TR/2007/WD-XMLHttpRequest-20071026/</a>
53:
54: <dd><a
1.134 avankest 55: href="http://www.w3.org/TR/2007/WD-XMLHttpRequest-20070618/">http://www.w3.org/TR/2007/WD-XMLHttpRequest-20070618/</a>
56:
57: <dd><a
1.60 avankest 58: href="http://www.w3.org/TR/2007/WD-XMLHttpRequest-20070227/">http://www.w3.org/TR/2007/WD-XMLHttpRequest-20070227/</a>
59:
60: <dd><a
1.25 avankest 61: href="http://www.w3.org/TR/2006/WD-XMLHttpRequest-20060927/">http://www.w3.org/TR/2006/WD-XMLHttpRequest-20060927/</a>
62:
63: <dd><a
1.2 avankest 64: href="http://www.w3.org/TR/2006/WD-XMLHttpRequest-20060619/">http://www.w3.org/TR/2006/WD-XMLHttpRequest-20060619/</a>
65:
66: <dd><a
67: href="http://www.w3.org/TR/2006/WD-XMLHttpRequest-20060405/">http://www.w3.org/TR/2006/WD-XMLHttpRequest-20060405/</a>
68:
69: <dt>Editor:
70:
71: <dd><a href="http://annevankesteren.nl/">Anne van Kesteren</a> (<a
72: href="http://www.opera.com/">Opera Software ASA</a>) <<a
73: href="mailto:annevk@opera.com">annevk@opera.com</a>>
1.1 avankest 74: </dl>
1.2 avankest 75:
1.25 avankest 76: <p class=copyright><a
1.2 avankest 77: href="http://www.w3.org/Consortium/Legal/ipr-notice#Copyright">Copyright</a>
1.53 avankest 78: © 2007 <a href="http://www.w3.org/"><acronym title="World Wide Web
79: Consortium">W3C</acronym></a><sup>®</sup> (<a
80: href="http://www.csail.mit.edu/"><acronym title="Massachusetts Institute
81: of Technology">MIT</acronym></a>, <a
82: href="http://www.ercim.org/"><acronym title="European Research Consortium
83: for Informatics and Mathematics">ERCIM</acronym></a>, <a
1.2 avankest 84: href="http://www.keio.ac.jp/">Keio</a>), All Rights Reserved. W3C <a
85: href="http://www.w3.org/Consortium/Legal/ipr-notice#Legal_Disclaimer">liability</a>,
86: <a
87: href="http://www.w3.org/Consortium/Legal/ipr-notice#W3C_Trademarks">trademark</a>
88: and <a
89: href="http://www.w3.org/Consortium/Legal/copyright-documents">document
90: use</a> rules apply.</p>
1.1 avankest 91: </div>
1.2 avankest 92:
93: <hr>
94:
1.25 avankest 95: <h2 class="no-num no-toc" id=specabstract>Abstract</h2>
1.2 avankest 96:
1.25 avankest 97: <p>The <code title="">XMLHttpRequest</code> Object specification defines an
98: <abbr title="Application Programming Interface">API</abbr> that provides
99: scripted client functionality for transferring data between a client and a
100: server.
101:
102: <h2 class="no-num no-toc" id=sotd>Status of this Document</h2>
1.2 avankest 103:
104: <p><em>This section describes the status of this document at the time of
105: its publication. Other documents may supersede this document. A list of
106: current W3C publications and the latest revision of this technical report
107: can be found in the <a href="http://www.w3.org/TR/">W3C technical reports
1.65 avankest 108: index</a> at http://www.w3.org/TR/.</em></p>
109: <!-- change back to Last Call -->
1.2 avankest 110:
1.168 avankest 111: <p>This is the 25 February 2008 Working Draft of The <code
1.148 avankest 112: title="">XMLHttpRequest</code> Object specification. Please send comments
113: to <a href="mailto:public-webapi@w3.org">public-webapi@w3.org</a> (<a
1.49 avankest 114: href="http://lists.w3.org/Archives/Public/public-webapi/">archived</a>)
115: with either <samp>[XHR]</samp> or <samp title="">[XMLHttpRequest]</samp>
1.65 avankest 116: at the start of the subject line<!-- by 2 April 2007-->.
1.49 avankest 117:
118: <p>This document is produced by the <a
119: href="http://www.w3.org/2006/webapi/">Web API Working Group</a>, part of
120: the <a href="http://www.w3.org/2006/rwc/Activity">Rich Web Clients
121: Activity</a> in the W3C <a
122: href="http://www.w3.org/Interaction/">Interaction Domain</a>. Changes made
123: to this document can be found in the <a
124: href="http://dev.w3.org/cvsweb/2006/webapi/XMLHttpRequest/Overview.html">W3C
125: public CVS server</a>.
1.2 avankest 126:
127: <p>Publication as a Working Draft does not imply endorsement by the W3C
128: Membership. This is a draft document and may be updated, replaced or
129: obsoleted by other documents at any time. It is inappropriate to cite this
130: document as other than work in progress.
131:
132: <p>This document was produced by a group operating under the <a
133: href="http://www.w3.org/Consortium/Patent-Policy-20040205/">5 February
1.54 avankest 134: 2004 W3C Patent Policy</a>. W3C maintains a <a
135: href="http://www.w3.org/2004/01/pp-impl/38482/status"
1.25 avankest 136: rel=disclosure>public list of any patent disclosures</a> made in
1.2 avankest 137: connection with the deliverables of the group; that page also includes
138: instructions for disclosing a patent. An individual who has actual
139: knowledge of a patent which the individual believes contains <a
140: href="http://www.w3.org/Consortium/Patent-Policy-20040205/#def-essential">Essential
141: Claim(s)</a> must disclose the information in accordance with <a
142: href="http://www.w3.org/Consortium/Patent-Policy-20040205/#sec-Disclosure">section
143: 6 of the W3C Patent Policy</a>.
144:
1.25 avankest 145: <h2 class="no-num no-toc" id=toc>Table of Contents</h2>
1.2 avankest 146: <!--begin-toc-->
147:
1.25 avankest 148: <ul class=toc>
149: <li><a href="#introduction"><span class=secno>1. </span>Introduction</a>
1.154 avankest 150:
151: <li><a href="#conformance"><span class=secno>2. </span>Conformance</a>
1.25 avankest 152: <ul class=toc>
1.168 avankest 153: <li><a href="#dependencies"><span class=secno>2.1
1.154 avankest 154: </span>Dependencies</a>
1.2 avankest 155:
1.168 avankest 156: <li><a href="#terminology"><span class=secno>2.2 </span>Terminology</a>
1.81 avankest 157:
1.168 avankest 158: <li><a href="#extensibility"><span class=secno>2.3
1.154 avankest 159: </span>Extensibility</a>
160: </ul>
1.81 avankest 161:
1.154 avankest 162: <li><a href="#security"><span class=secno>3. </span>Security
163: Considerations</a>
1.2 avankest 164:
1.154 avankest 165: <li><a href="#xmlhttprequest"><span class=secno>4. </span>The <code
1.16 avankest 166: title="">XMLHttpRequest</code> Object</a>
1.25 avankest 167: <ul class=toc>
1.168 avankest 168: <li><a href="#events"><span class=secno>4.1 </span>Events for the <code
1.33 avankest 169: title="">XMLHttpRequest</code> Object</a>
170:
1.168 avankest 171: <li><a href="#exceptions"><span class=secno>4.2 </span>Exceptions for
1.33 avankest 172: the <code title="">XMLHttpRequest</code> Object</a>
1.11 avankest 173: </ul>
1.2 avankest 174:
1.31 avankest 175: <li class=no-num><a href="#notcovered">Not in this Specification</a>
176:
1.25 avankest 177: <li class=no-num><a href="#bibref">References</a>
1.2 avankest 178:
1.131 avankest 179: <li class=no-num><a href="#acknowledgments">Acknowledgments</a>
1.2 avankest 180: </ul>
181: <!--end-toc-->
182:
1.25 avankest 183: <h2 id=introduction><span class=secno>1. </span>Introduction</h2>
1.2 avankest 184:
185: <p><em>This section is non-normative.</em>
186:
1.60 avankest 187: <p>The <code><a href="#xmlhttprequest-object">XMLHttpRequest</a></code>
188: object implements an interface exposed by a scripting engine that allows
189: scripts to perform HTTP client functionality, such as submitting form data
190: or loading data from a server.
1.2 avankest 191:
192: <p>The name of the object is <code><a
1.60 avankest 193: href="#xmlhttprequest-object">XMLHttpRequest</a></code> for compatibility
1.128 avankest 194: with the Web, though each component of this name is potentially
1.60 avankest 195: misleading. First, the object supports any text based format, including
196: XML. Second, it can be used to make requests over both HTTP and HTTPS
197: (some implementations support protocols in addition to HTTP and HTTPS, but
198: that functionality is not covered by this specification). Finally, it
199: supports "requests" in a broad sense of the term as it pertains to HTTP;
200: namely all activity involved with HTTP requests or responses for the
201: defined HTTP methods.
1.2 avankest 202:
1.25 avankest 203: <div class=example>
1.18 avankest 204: <p>Some simple code to do something with data from an XML document fetched
205: over the network:</p>
206:
1.60 avankest 207: <pre><code>function test(data) {
1.18 avankest 208: // taking care of data
209: }
210:
211: function handler() {
1.118 avankest 212: if(this.readyState == 4 && this.status == 200) {
1.18 avankest 213: // so far so good
1.118 avankest 214: if(this.responseXML != null && this.responseXML.getElementById('test').firstChild.data)
215: // success!
1.18 avankest 216: test(this.responseXML.getElementById('test').firstChild.data);
217: else
218: test(null);
1.118 avankest 219: } else if (this.readyState == 4 && this.status != 200) {
1.18 avankest 220: // fetched the wrong page or network error...
221: test(null);
222: }
223: }
224:
225: var client = new XMLHttpRequest();
226: client.onreadystatechange = handler;
227: client.open("GET", "test.xml");
1.60 avankest 228: client.send();</code></pre>
1.18 avankest 229:
1.58 avankest 230: <p>If you just want to log a message to the server:</p>
1.18 avankest 231:
1.60 avankest 232: <pre><code>function log(message) {
1.18 avankest 233: var client = new XMLHttpRequest();
1.58 avankest 234: client.open("POST", "/log");
1.59 avankest 235: client.setRequestHeader("Content-Type", "text/plain;charset=UTF-8");
1.18 avankest 236: client.send(message);
1.60 avankest 237: }</code></pre>
1.18 avankest 238:
239: <p>Or if you want to check the status of a document on the server:</p>
240:
1.60 avankest 241: <pre><code>function fetchStatus(address) {
1.18 avankest 242: var client = new XMLHttpRequest();
243: client.onreadystatechange = function() {
244: // in case of network errors this might not give reliable results
245: if(this.readyState == 4)
246: returnStatus(this.status);
247: }
248: client.open("HEAD", address);
249: client.send();
1.60 avankest 250: }</code></pre>
1.18 avankest 251: </div>
1.2 avankest 252:
1.154 avankest 253: <h2 id=conformance><span class=secno>2. </span>Conformance</h2>
1.2 avankest 254:
1.29 avankest 255: <p>Everything in this specification is normative except for diagrams,
1.2 avankest 256: examples, notes and sections marked non-normative.
257:
1.25 avankest 258: <p>The key words <em class=ct>must</em>, <em class=ct>must not</em>, <em
1.75 avankest 259: class=ct>should</em> and <em class=ct>may</em> in this document are to be
260: interpreted as described in RFC 2119. [<cite><a
1.146 avankest 261: href="#ref-rfc2119">RFC2119</a></cite>]
1.2 avankest 262:
263: <p>This specification defines the following classes of products:
264:
265: <dl>
1.75 avankest 266: <dt><dfn id=conforming-user-agent>Conforming user agent</dfn>
1.2 avankest 267:
1.75 avankest 268: <dd>
269: <p>A user agent <em class=ct>must</em> behave as described in this
1.107 avankest 270: specification in order to be considered conformant.</p>
1.75 avankest 271:
1.141 avankest 272: <p>If the user agent is not a conforming XML user agent the <a
273: href="#xml-response-entity-body">XML response entity body</a> <em
274: class=ct>must</em> (always) be <code>null</code>.</p>
275:
276: <p>User agents <em class=ct>may</em> implement algorithms given in this
277: specification in any way desired, so long as the end result is
278: indistinguishable from the result that would be obtained by the
279: specification's algorithms.</p>
1.2 avankest 280:
1.96 avankest 281: <p class=note>This specification uses both the terms "conforming user
282: agent(s)" and "user agent(s)" to refer to this product class.</p>
283:
1.95 avankest 284: <dt><dfn id=conforming-xml-user-agent>Conforming XML user agent</dfn>
285:
286: <dd>
1.164 avankest 287: <p>An XML user agent <em class=ct>must</em> be a <a
288: href="#conforming-user-agent">conforming user agent</a> and <em
289: class=ct>must</em> be a conforming XML processor that reports violations
290: of namespace well-formedness. [<cite><a href="#ref-xml">XML</a></cite>]
291: [<cite><a href="#ref-xmlns">XMLNS</a></cite>]
1.2 avankest 292: </dl>
293:
1.168 avankest 294: <h3 id=dependencies><span class=secno>2.1 </span>Dependencies</h3>
1.2 avankest 295:
1.31 avankest 296: <p>This specification relies on several underlying specifications.
1.2 avankest 297:
1.31 avankest 298: <dl>
299: <dt>DOM
1.2 avankest 300:
1.31 avankest 301: <dd>
1.127 avankest 302: <p>A <a href="#conforming-user-agent" title="conforming user
303: agent">conforming user agent</a> <em class=ct>must</em> support some
1.151 avankest 304: subset of the functionality defined in DOM Events and DOM Core that this
305: specification relies upon. [<cite><a
1.156 avankest 306: href="#ref-dom2events">DOM2Events</a></cite>] [<cite><a
307: href="#ref-dom3core">DOM3Core</a></cite>]
1.2 avankest 308:
1.162 avankest 309: <dt>HTML 5
310:
311: <dd>
312: <p>This specification depends on HTML 5 for defining the
313: <code>Window</code> object and finding the character encoding of a
314: <code>text/html</code> resource. A <a
315: href="#conforming-user-agent">conforming user agent</a> <em
316: class=ct>must</em> support these features. [<cite><a
317: href="#ref-html5">HTML5</a></cite>]</p>
318:
319: <p class=note>The <a
320: href="http://www.w3.org/TR/2006/WD-Window-20060407/">Window Object
321: 1.0</a> draft is not referenced normatively as it appears to be no
322: longer maintained and HTML 5 defines the <code>Window</code> object
323: in more detail. This specification already depends on HTML 5 for
324: other reasons so there is not much additional overhead because of this.</p>
325:
1.31 avankest 326: <dt>HTTP
1.11 avankest 327:
1.31 avankest 328: <dd>
1.156 avankest 329: <p>A <a href="#conforming-user-agent">conforming user agent</a> <em
330: class=ct>must</em> support some version of the HTTP protocol. It <em
331: class=ct>should</em> support any HTTP method that matches the <a
332: href="#method"><code>Method</code> production</a> and <em
333: class=ct>must</em> at least support the following methods:</p>
1.81 avankest 334:
1.60 avankest 335: <ul>
336: <li><code>GET</code>
337:
338: <li><code>POST</code>
339:
340: <li><code>HEAD</code>
341:
342: <li><code>PUT</code>
343:
344: <li><code>DELETE</code>
345:
346: <li><code>OPTIONS</code>
347: </ul>
348:
349: <p>Other requirements regarding HTTP are made throughout the
1.146 avankest 350: specification. [<cite><a href="#ref-rfc2616">RFC2616</a></cite>]</p>
1.31 avankest 351: </dl>
1.2 avankest 352:
1.168 avankest 353: <h3 id=terminology><span class=secno>2.2 </span>Terminology</h3>
1.81 avankest 354:
355: <p>There is a <dfn id=case-insensitive-match>case-insensitive match</dfn>
1.154 avankest 356: of strings <var>s1</var> and <var>s2</var> if after mapping the ASCII
357: character range A-Z to the range a-z both strings are identical.
1.2 avankest 358:
1.142 avankest 359: <p>Two URIs are <dfn id=same-origin>same-origin</dfn> if after performing
360: scheme-based normalization on both URIs as described in section 5.3.3 of
1.146 avankest 361: RFC 3987 the scheme, ihost and port components are identical. If either
1.154 avankest 362: URI does not have an ihost component the URIs <em class=ct>must not</em>
363: be considered same-origin. [<cite><a
1.148 avankest 364: href="#ref-rfc3987">RFC3987</a></cite>]
1.142 avankest 365:
1.158 avankest 366: <p>The terms <dfn id=origin>origin</dfn> and <dfn
367: id=event-handler-attribute>event handler DOM attribute</dfn> are defined
368: by the HTML 5 specification. [<cite><a
369: href="#ref-html5">HTML5</a></cite>]
1.156 avankest 370:
1.168 avankest 371: <h3 id=extensibility><span class=secno>2.3 </span>Extensibility</h3>
1.2 avankest 372:
1.82 avankest 373: <p>Extensions of the API defined by this specification are <em>strongly
1.31 avankest 374: discouraged</em>. User agents, Working Groups and other interested parties
1.35 avankest 375: should discuss extensions on a relevant public forum, preferably <a
1.31 avankest 376: href="mailto:public-webapi@w3.org">public-webapi@w3.org</a>.
1.2 avankest 377:
1.154 avankest 378: <h2 id=security><span class=secno>3. </span>Security Considerations</h2>
379:
1.155 avankest 380: <p>Apart from requirements affecting security made throughout this
381: specification implementations <em class=ct>may</em>, at their discretion,
1.159 avankest 382: not expose certain headers, such as HttpOnly cookies.
1.154 avankest 383:
384: <h2 id=xmlhttprequest><span class=secno>4. </span>The <code
1.16 avankest 385: title="">XMLHttpRequest</code> Object</h2>
1.2 avankest 386:
1.60 avankest 387: <p>The <code><a href="#xmlhttprequest-object">XMLHttpRequest</a></code>
388: object can be used by scripts to programmatically connect to their
389: originating server via HTTP.
1.2 avankest 390:
391: <p>Objects implementing the <code><a
1.60 avankest 392: href="#xmlhttprequest-object">XMLHttpRequest</a></code> interface <em
393: class=ct>must</em> also implement the <code>EventTarget</code> interface.
1.156 avankest 394: [<cite><a href="#ref-dom2events">DOM2Events</a></cite>]
1.60 avankest 395:
396: <p>Objects implementing the <code title="">Window</code> interface <em
397: class=ct>must</em> provide an <code title="">XMLHttpRequest()</code>
1.156 avankest 398: constructor. [<cite><a href="#ref-html5">HTML5</a></cite>]
1.2 avankest 399:
1.25 avankest 400: <div class=example>
1.60 avankest 401: <p>In ECMAScript this can be used as follows:</p>
1.118 avankest 402:
1.60 avankest 403: <pre><code>var client = new XMLHttpRequest();</code></pre>
1.1 avankest 404: </div>
1.2 avankest 405:
1.60 avankest 406: <p>When the <code title="">XMLHttpRequest()</code> constructor is invoked a
1.158 avankest 407: persistent pointer to the associated <code title="">Document</code> object
408: is stored on the newly created object. This is the <dfn
409: id=document-pointer title="Document pointer"><code>Document</code>
410: pointer</dfn>. The associated <code>Document</code> object is the one
411: returned by the <code>document</code> attribute from the object on which
412: the <code title="">XMLHttpRequest()</code> constructor was invoked (a
413: <code>Window</code> object). The pointer can become "null" if the object
414: is destroyed.
415:
416: <p class=note>As per the conformance criteria implementations are free to
417: implement this in any way they desire as long as the end results are
418: identical to those given by the English prose.
1.2 avankest 419:
1.60 avankest 420: <div class=example>
1.158 avankest 421: <p>If <var><code>iframe</code></var> is a <code title="">Window</code>
422: object <var><code>client</code></var> will have a pointer to
423: <var><code>iframe.document</code></var> in the following example:</p>
1.60 avankest 424:
1.158 avankest 425: <pre><code>var client = new iframe.XMLHttpRequest()</code></pre>
1.60 avankest 426: </div>
1.11 avankest 427:
1.60 avankest 428: <pre
429: class=idl>interface <dfn id=xmlhttprequest-object>XMLHttpRequest</dfn> {
430: // event handler
1.132 avankest 431: attribute EventListener <a href="#onreadystatechange">onreadystatechange</a>;
1.60 avankest 432:
433: // state
1.135 avankest 434: const unsigned short <a href="#unsent-state" title="UNSENT state">UNSENT</a> = 0;
435: const unsigned short <a href="#opened-state" title="OPENED state">OPENED</a> = 1;
1.132 avankest 436: const unsigned short <a href="#headers-received-state" title="HEADERS_RECEIVED state">HEADERS_RECEIVED</a> = 2;
437: const unsigned short <a href="#loading-state" title="LOADING state">LOADING</a> = 3;
438: const unsigned short <a href="#done-state" title="DONE state">DONE</a> = 4;
439: readonly attribute unsigned short <a href="#readystate">readyState</a>;
1.60 avankest 440:
441: // request
1.132 avankest 442: void <a href="#open">open</a>(in DOMString <var>method</var>, in DOMString <var>url</var>);
443: void <a href="#open">open</a>(in DOMString <var>method</var>, in DOMString <var>url</var>, in boolean <var>async</var>);
444: void <a href="#open">open</a>(in DOMString <var>method</var>, in DOMString <var>url</var>, in boolean <var>async</var>, in DOMString <var>user</var>);
445: void <a href="#open">open</a>(in DOMString <var>method</var>, in DOMString <var>url</var>, in boolean <var>async</var>, in DOMString <var>user</var>, in DOMString <var>password</var>);
446: void <a href="#setrequestheader">setRequestHeader</a>(in DOMString <var>header</var>, in DOMString <var>value</var>);
447: void <a href="#send">send</a>();
448: void <a href="#send">send</a>(in DOMString <var>data</var>);
449: void <a href="#send">send</a>(in Document <var>data</var>);
450: void <a href="#abort">abort</a>();
1.60 avankest 451:
452: // response
1.132 avankest 453: DOMString <a href="#getallresponseheaders">getAllResponseHeaders</a>();
454: DOMString <a href="#getresponseheader">getResponseHeader</a>(in DOMString <var>header</var>);
455: readonly attribute DOMString <a href="#responsetext">responseText</a>;
456: readonly attribute Document <a href="#responsexml">responseXML</a>;
457: readonly attribute unsigned short <a href="#status">status</a>;
458: readonly attribute DOMString <a href="#statustext">statusText</a>;
1.5 avankest 459: };</pre>
1.2 avankest 460:
1.60 avankest 461: <p>The <code><a href="#xmlhttprequest-object">XMLHttpRequest</a></code>
1.135 avankest 462: object can be in five states: <a href="#unsent-state" title="UNSENT
463: state">UNSENT</a>, <a href="#opened-state" title="OPENED
464: state">OPENED</a>, <a href="#headers-received-state"
465: title="HEADERS_RECEIVED state">HEADERS_RECEIVED</a>, <a
466: href="#loading-state" title="LOADING state">LOADING</a> and <a
467: href="#done-state" title="DONE state">DONE</a>. The current state is
468: exposed through the <code><a href="#readystate">readyState</a></code>
469: attribute. The method definitions below define when a state transition
470: takes place.
1.60 avankest 471:
472: <p>When constructed, the <code><a
473: href="#xmlhttprequest-object">XMLHttpRequest</a></code> object <em
1.72 avankest 474: class=ct>must</em> be in the UNSENT state. This state is represented by
1.135 avankest 475: the <dfn id=unsent-state title="UNSENT state"><code>UNSENT</code></dfn>
1.72 avankest 476: constant, whose value is <code>0</code>.
1.60 avankest 477:
1.135 avankest 478: <p>The OPENED state is the state of the object when the <code><a
1.132 avankest 479: href="#open">open()</a></code> method has been successfully invoked.
1.93 avankest 480: During this state request headers can be set using <code><a
1.132 avankest 481: href="#setrequestheader">setRequestHeader()</a></code> and the request can
482: be made using <code><a href="#send">send()</a></code>. This state is
1.135 avankest 483: represented by the <dfn id=opened-state title="OPENED
484: state"><code>OPENED</code></dfn> constant, whose value is <code>1</code>.
1.60 avankest 485:
1.135 avankest 486: <p>The OPENED state has an associated <dfn id=send-flag><code>send()</code>
1.105 avankest 487: flag</dfn> which can be either "true" or "false". The initial value of the
488: <code title="">send()</code> flag is "false".
1.88 avankest 489:
1.124 avankest 490: <p>The HEADERS_RECEIVED state is the state of the object when all response
491: headers have been received. This state is represented by the <dfn
1.132 avankest 492: id=headers-received-state title="HEADERS_RECEIVED
1.124 avankest 493: state"><code>HEADERS_RECEIVED</code></dfn> constant, whose value is
494: <code>2</code>.
495:
496: <p>The LOADING state is the state of the object when the response entity
1.132 avankest 497: body is being received. This state is represented by the <dfn
498: id=loading-state title="LOADING state"><code>LOADING</code></dfn>
499: constant, whose value is <code>3</code>.
1.60 avankest 500:
1.80 avankest 501: <p>The DONE state is the state of the object when either the data transfer
502: has been completed or something went wrong during the transfer (infinite
1.132 avankest 503: redirects for instance). This state is represented by the <dfn
504: id=done-state title="DONE state"><code>DONE</code></dfn> constant, whose
505: value is <code>4</code>.
1.60 avankest 506:
1.125 avankest 507: <p>The DONE state has an associated <dfn id=error-flag>error flag</dfn>
508: which can be either "true" or "false". The initial value of the error flag
509: is "false".
510:
1.89 avankest 511: <p>The <dfn id=response-entity-body>response entity body</dfn> is the
1.132 avankest 512: fragment of the <a href="#entity-body">entity body</a> received so far
1.89 avankest 513: (LOADING state) or the complete entity body (DONE state). If there is no
514: entity body the response entity body is "null".
515:
516: <p>The <dfn id=text-response-entity-body>text response entity body</dfn> is
1.170 ! avankest 517: a <code>DOMString</code> representing the <a
! 518: href="#response-entity-body">response entity body</a>. The text response
! 519: entity body is the return value of the following algorithm:
1.89 avankest 520:
521: <ol>
1.91 avankest 522: <li>
1.168 avankest 523: <p>If the response entity body is "null" return the empty string and
1.108 avankest 524: terminate these steps.</p>
1.91 avankest 525:
526: <li>
1.114 avankest 527: <p>Let <var>charset</var> be "null".
1.112 avankest 528:
529: <li>
1.91 avankest 530: <p>If there is no <code>Content-Type</code> header or there is a
531: <code>Content-Type</code> header which contains a MIME type that is
1.117 avankest 532: <code>text/xml</code>, <code>application/xml</code> or ends in <code
533: title="">+xml</code> (ignoring any parameters) use the rules set forth
1.127 avankest 534: in the XML specifications to determine the character encoding. Let
1.117 avankest 535: <var>charset</var> be the determined character encoding.
1.91 avankest 536:
537: <li>
1.128 avankest 538: <p>If there is a <code>Content-Type</code> header which contains a
1.146 avankest 539: <code>text/html</code> MIME type follow the rules set forth in the
540: HTML 5 specification to determine the character encoding. Let
1.143 avankest 541: <var>charset</var> be the determined character encoding. [<cite><a
1.146 avankest 542: href="#ref-html5">HTML5</a></cite>]
1.119 avankest 543:
544: <li>
1.141 avankest 545: <p>If the MIME type specified by the <code>Content-Type</code> header
546: contains a <code>charset</code> parameter and <var>charset</var> is
547: "null" let <var>charset</var> be the value of that parameter.</p>
1.116 avankest 548:
1.119 avankest 549: <p class=note>The algorithms described by the XML and HTML specifications
550: already take <code>Content-Type</code> into account.</p>
1.112 avankest 551:
552: <li> <!-- This stuff is copied from HTML5. Thanks Hixie! -->
1.114 avankest 553: <p>If <var>charset</var> is "null" then, for each of the rows in the
554: following table, starting with the first one and going down, if the
1.128 avankest 555: first bytes of <var>bytes</var> match the bytes given in the first
556: column, then let <var>charset</var> be the encoding given in the cell in
557: the second column of that row. If there is no match <var>charset</var>
558: remains "null".</p>
1.112 avankest 559:
560: <table>
561: <thead>
562: <tr>
563: <th>Bytes in Hexadecimal
564:
565: <th>Description
566:
567: <tbody>
568: <tr>
569: <td>00 00 FE FF
570:
571: <td>UTF-32BE BOM
572:
573: <tr>
574: <td>FF FE 00 00
575:
576: <td>UTF-32LE BOM
577:
578: <tr>
579: <td>FE FF
580:
581: <td>UTF-16BE BOM
582:
583: <tr>
584: <td>FF FE
585:
586: <td>UTF-16LE BOM
587:
588: <tr>
589: <td>EF BB BF
590:
1.118 avankest 591: <td>UTF-8 BOM<!-- nobody uses this
592: <tr>
593: <td>DD 73 66 73
594: <td>UTF-EBCDIC
1.112 avankest 595: -->
596:
597: </table>
598:
599: <li>
1.114 avankest 600: <p>If <var>charset</var> is "null" let <var>charset</var> be UTF-8.
1.91 avankest 601:
602: <li>
1.108 avankest 603: <p>Return the result of decoding the response entity body using
1.168 avankest 604: <var>charset</var>. Replace bytes or sequences of bytes that are not
605: valid accordng to the <var>charset</var> with a single U+FFFD character.
1.89 avankest 606: </ol>
607:
1.164 avankest 608: <p class=note>Authors are encouraged to simply encode their resources using
609: UTF-8.
610:
1.108 avankest 611: <p>The <dfn id=xml-response-entity-body>XML response entity body</dfn> is
612: either a <code>Document</code> representing the <a
1.127 avankest 613: href="#response-entity-body">response entity body</a> or
614: <code>null</code>. The XML response entity body is the return value of the
615: following algorithm:
1.89 avankest 616:
617: <ol>
1.91 avankest 618: <li>
1.108 avankest 619: <p>If the response entity body is "null" terminate these steps and return
620: <code>null</code>.
1.89 avankest 621:
622: <li>
1.104 avankest 623: <p>If a <code>Content-Type</code> is present and it does not contain a
624: MIME type (ignoring any parameters) that is <code>text/xml</code>,
1.117 avankest 625: <code>application/xml</code> or ends in <code title="">+xml</code>
626: terminate these steps and return <code>null</code>. (Do not terminate
627: these steps if there is no <code>Content-Type</code> header at all.)
1.89 avankest 628:
629: <li>
1.129 avankest 630: <p>Parse the response entity body into a document tree following the
631: rules from the XML specifications. Let the result be <var>parsed
632: document</var>. If this fails (unsupported character encoding, namespace
633: well-formedness error et cetera) terminate these steps return
634: <code>null</code>. [<cite><a href="#ref-xml">XML</a></cite>] [<cite><a
635: href="#ref-xmlns">XMLNS</a></cite>]</p>
636:
637: <p class=note>Scripts in the resulting document tree will not be
638: executed, resources referenced will not be loaded and no associated XSLT
639: will be applied.</p>
1.89 avankest 640:
641: <li>
1.97 avankest 642: <p>Return an object implementing the <code>Document</code> interface
643: representing the <var>parsed document</var>.
1.89 avankest 644: </ol>
645:
1.6 avankest 646: <dl>
1.132 avankest 647: <dt><dfn id=onreadystatechange><code>onreadystatechange</code></dfn> of
1.158 avankest 648: type <code>EventListener</code>
1.2 avankest 649:
650: <dd>
1.158 avankest 651: <p>This attribute is an <a href="#event-handler-attribute">event handler
652: DOM attribute</a> and <em class=ct>must</em> be invoked whenever a
653: <code><a href="#readystatechange">readystatechange</a></code> event is
654: targated at the object.
1.2 avankest 655:
1.132 avankest 656: <dt><dfn id=readystate><code>readyState</code></dfn> of type
1.2 avankest 657: <code>unsigned short</code>, readonly
658:
659: <dd>
1.151 avankest 660: <p>On getting the attribute <em class=ct>must</em> return the value of
661: the constant corresponding to the object's current state.
1.2 avankest 662:
1.132 avankest 663: <dt><dfn id=open title=open><code>open(<var>method</var>, <var>url</var>,
664: <var>async</var>, <var>user</var>, <var>password</var>)</code></dfn>,
665: method
1.2 avankest 666:
1.60 avankest 667: <dd>
668: <p>When invoked, the user agent <em class=ct>must</em> follow the
1.97 avankest 669: following steps (unless otherwise indicated):</p>
1.2 avankest 670:
1.60 avankest 671: <ol>
672: <li>
1.157 avankest 673: <p>Let <var>stored method</var> be the <var>method</var> argument.
674:
675: <li>
676: <p>If <var>stored method</var> does not match the <dfn
677: id=method><code>Method</code> production</dfn>, defined in section
678: 5.1.1 of RFC 2616, raise a <code>SYNTAX_ERR</code> exception and
1.146 avankest 679: terminate these steps. [<cite><a
680: href="#ref-rfc2616">RFC2616</a></cite>]
1.2 avankest 681:
1.60 avankest 682: <li>
1.157 avankest 683: <p>If <var>stored method</var> <a href="#case-insensitive-match"
684: title="case-insensitive match">case-insensitively matches</a>
685: <code>CONNECT</code>, <code>DELETE</code>, <code>GET</code>,
686: <code>HEAD</code>, <code>OPTIONS</code> <code>POST</code>,
687: <code>PUT</code>, <code>TRACE</code>, or <code>TRACK</code> let
688: <var>stored method</var> be the canonical uppercase form of the
689: matched method name.
690: </li>
691: <!-- WebKit (and supposedly Firefox) also uppercase: COPY, INDEX, LOCK,
692: M-POST, MKCOL, MOVE, PROPFIND, PROPPATCH, and UNLOCK. -->
693:
694: <li>
695: <p>If <var>stored method</var> is one of <code>CONNECT</code>,
696: <code>TRACE</code>, or <code>TRACK</code> the user agent <em
697: class=ct>should</em> raise a <code><a
1.139 avankest 698: href="#security-err">SECURITY_ERR</a></code> exception and terminate
699: these steps.
1.2 avankest 700:
1.60 avankest 701: <li>
702: <p>Drop the fragment identifier (if any) from <var>url</var> and let
703: <var>stored url</var> be the result of that operation.
1.2 avankest 704:
1.60 avankest 705: <li>
1.97 avankest 706: <p>If <var>stored url</var> is a relative reference resolve it using
1.158 avankest 707: the current value of the <code>baseURI</code> attribute of the <a
708: href="#document-pointer"><code>Document</code> pointer</a>. If this
709: fails raise a <code>SYNTAX_ERR</code> exception and terminate these
710: steps.
1.2 avankest 711:
1.60 avankest 712: <li>
1.102 avankest 713: <p>If <var>stored url</var> contains an unsupported scheme raise a
714: <code>NOT_SUPPORTED_ERR</code> and terminate these steps.
715:
716: <li>
1.60 avankest 717: <p>If the <code>"user:password"</code> format in the
718: <code>userinfo</code> production defined in section 3.2.1 of RFC 3986
719: is not supported for the relevant scheme and <var>stored url</var>
1.99 avankest 720: contains this format raise a <code>SYNTAX_ERR</code> and terminate
721: these steps. [<cite><a href="#ref-rfc3986">RFC3986</a></cite>]
1.2 avankest 722:
1.60 avankest 723: <li>
724: <p>If <var>stored url</var> contains the <code>"user:password"</code>
725: format let <var>stored user</var> be the user part and <var>stored
726: password</var> be the password part.
1.2 avankest 727:
1.60 avankest 728: <li>
729: <p>If <var>stored url</var> just contains the <code>"user"</code>
730: format let <var>stored user</var> be the user part.
1.24 avankest 731:
1.60 avankest 732: <li>
1.142 avankest 733: <p>If <var>stored url</var> is not of the <a
1.158 avankest 734: href="#same-origin">same-origin</a> as the <a
735: href="#origin">origin</a> of the <a
736: href="#document-pointer"><code>Document</code> pointer</a> the user
737: agent <em class=ct>should</em> raise a <code><a
1.148 avankest 738: href="#security-err">SECURITY_ERR</a></code> exception and terminate
1.158 avankest 739: these steps.
1.70 avankest 740:
1.60 avankest 741: <li>
742: <p>Let <var>async</var> be the value of the <var>async</var> argument
1.103 avankest 743: or <code>true</code> if it was omitted.
1.60 avankest 744:
745: <li>
1.127 avankest 746: <p>If the <var>user</var> argument was not omitted, and its syntax does
747: not match that specified by the relevant authentication scheme, raise
748: a <code>SYNTAX_ERR</code> exception and terminate these steps.
1.60 avankest 749:
750: <li>
751: <p>If the <var>user</var> argument was not omitted and is not
752: <code>null</code> let <var>stored user</var> be <var>user</var>
753: encoded using the encoding specified in the relevant authentication
754: scheme or UTF-8 if the scheme fails to specify an encoding.</p>
1.2 avankest 755:
1.60 avankest 756: <p class=note>This step overrides any user that may have been set by
757: the <var>url</var> argument.</p>
1.17 avankest 758:
1.60 avankest 759: <li>
760: <p>If the <var>user</var> argument was not omitted and is
761: <code>null</code> remove <var>stored user</var>.
1.17 avankest 762:
1.60 avankest 763: <li>
764: <p>If the <var>password</var> argument was not omitted and its syntax
765: does not match that specified by the relevant authentication scheme
1.99 avankest 766: raise a <code>SYNTAX_ERR</code> exception and terminate these steps.
1.17 avankest 767:
1.60 avankest 768: <li>
769: <p>If the <var>password</var> argument was not omitted and is not
770: <code>null</code> let <var>stored password</var> be
771: <var>password</var> encoded using the encoding specified in the
772: relevant authentication scheme or UTF-8 if the scheme fails to specify
773: an encoding.
1.17 avankest 774:
1.60 avankest 775: <li>
776: <p>If the <var>password</var> argument was not omitted and is
777: <code>null</code> remove <var>stored password</var>.
1.17 avankest 778:
1.60 avankest 779: <li>
1.109 avankest 780: <p><a href="#abort-send-algorithm" title="abort send()">Abort the
781: <code>send()</code> algorithm</a>, set <a
782: href="#response-entity-body">response entity body</a> to "null" and
783: reset the list of request headers.
1.17 avankest 784:
1.60 avankest 785: <p>
1.44 avankest 786:
1.60 avankest 787: <li>
1.109 avankest 788: <p>The user agent <em class=ct>should</em> cancel any network activity
789: for which the object is responsible.
1.60 avankest 790: </li>
791: <!-- we can hardly require it... -->
1.22 avankest 792:
1.60 avankest 793: <li>
1.135 avankest 794: <p>Switch the object to the <a href="#opened-state" title="OPENED
795: state">OPENED</a> state, set the <a
1.132 avankest 796: href="#send-flag"><code>send()</code> flag</a> to "false" and then
797: synchronously dispatch a <code><a
798: href="#readystatechange">readystatechange</a></code> event on the
1.97 avankest 799: object and return the method call.
1.60 avankest 800: </ol>
1.24 avankest 801:
1.25 avankest 802: <p class=note>A future version or extension of this specification will
1.35 avankest 803: most likely define a way of doing cross-site requests.</p>
1.26 avankest 804:
1.132 avankest 805: <dt><dfn id=setrequestheader
1.25 avankest 806: title=setrequestheader><code>setRequestHeader(<var>header</var>,
1.18 avankest 807: <var>value</var>)</code></dfn>, method
1.6 avankest 808:
809: <dd>
1.164 avankest 810: <p>Each request has a list of request headers with associated values. The
811: <code><a href="#setrequestheader">setRequestHeader()</a></code> method
812: can be used to manipulate those values and set new request headers.</p>
813:
814: <p class=note>The <code><a
815: href="#setrequestheader">setRequestHeader()</a></code> method appends a
816: value if the HTTP header given as argument is already part of the list
817: of request headers.</p>
1.47 avankest 818:
1.60 avankest 819: <p>When invoked, the user agent <em class=ct>must</em> follow the
1.97 avankest 820: following steps (unless otherwise indicated):</p>
1.60 avankest 821:
822: <ol>
823: <li>
1.135 avankest 824: <p>If the state of the object is not <a href="#opened-state"
825: title="OPENED state">OPENED</a> raise an
826: <code>INVALID_STATE_ERR</code> exception and terminate these steps.
1.6 avankest 827:
1.60 avankest 828: <li>
1.104 avankest 829: <p>If the <a href="#send-flag"><code>send()</code> flag</a> is "true"
1.99 avankest 830: raise an <code>INVALID_STATE_ERR</code> exception and terminate these
1.97 avankest 831: steps.
1.60 avankest 832:
833: <li>
1.98 avankest 834: <p>If the <var>header</var> argument does not match the <dfn
1.60 avankest 835: id=field-name><code>field-name</code> production</dfn> as defined by
1.97 avankest 836: section 4.2 of RFC 2616 or is <code>null</code> raise a
1.99 avankest 837: <code>SYNTAX_ERR</code> exception and terminate these steps. [<cite><a
1.146 avankest 838: href="#ref-rfc2616">RFC2616</a></cite>]
1.71 avankest 839:
840: <li>
1.99 avankest 841: <p>If the <var>value</var> argument is <code>null</code> terminate
842: these steps. (Do not raise an exception.)
1.71 avankest 843: </li>
844: <!-- undefined is to be treated as null here... -->
1.60 avankest 845:
846: <li>
1.98 avankest 847: <p>If the <var>value</var> argument does not match the <dfn
1.60 avankest 848: id=field-value><code>field-value</code> production</dfn> as defined by
1.99 avankest 849: section 4.2 of RFC 2616 raise a <code>SYNTAX_ERR</code> and terminate
1.146 avankest 850: these steps. [<cite><a href="#ref-rfc2616">RFC2616</a></cite>]
1.60 avankest 851:
852: <li>
1.133 avankest 853: <p>For security reasons, these steps <em class=ct>should</em> be
1.99 avankest 854: terminated if the <var>header</var> argument <a
855: href="#case-insensitive-match" title="case-insensitive
856: match">case-insensitively matches</a> one of the following headers:</p>
1.34 avankest 857:
858: <ul>
859: <li><code>Accept-Charset</code>
860:
861: <li><code>Accept-Encoding</code>
862:
1.69 avankest 863: <li><code>Connection</code>
864:
1.34 avankest 865: <li><code>Content-Length</code>
866:
1.69 avankest 867: <li><code>Content-Transfer-Encoding</code>
868:
869: <li><code>Date</code>
870:
1.34 avankest 871: <li><code>Expect</code>
872:
873: <li><code>Host</code>
874:
875: <li><code>Keep-Alive</code>
876:
877: <li><code>Referer</code>
878:
879: <li><code>TE</code>
880:
881: <li><code>Trailer</code>
882:
883: <li><code>Transfer-Encoding</code>
884:
885: <li><code>Upgrade</code>
1.69 avankest 886:
887: <li><code>Via</code>
1.34 avankest 888: </ul>
1.6 avankest 889:
1.60 avankest 890: <li>
1.133 avankest 891: <p>Also for security reasons, these steps <em class=ct>should</em> be
1.169 avankest 892: terminated if the start of the <var>header</var> argument <a
893: href="#case-insensitive-match" title="case-insensitive
894: match">case-insensitively matches</a> <code>Proxy-</code> or
895: <code>Sec-</code>.
1.133 avankest 896:
897: <li>
1.60 avankest 898: <p>If the <var>header</var> argument is not in the list of request
1.97 avankest 899: headers append the <var>header</var> with its associated
1.99 avankest 900: <var>value</var> to the list and terminate these steps.
1.46 avankest 901:
1.60 avankest 902: <li>
903: <p>If the <var>header</var> argument is in the list of request headers
1.97 avankest 904: either use multiple headers, combine the values or use a combination
905: of those (section 4.2, RFC 2616). [<cite><a
1.146 avankest 906: href="#ref-rfc2616">RFC2616</a></cite>]
1.97 avankest 907: </li>
908: <!-- XXX it seems UAs always combine the values -->
1.60 avankest 909: </ol>
1.18 avankest 910:
1.132 avankest 911: <p class=note>See also the <code><a href="#send">send()</a></code> method
912: regarding user agent header handling for caching, authentication,
1.47 avankest 913: proxies, and cookies.</p>
914:
1.25 avankest 915: <div class=example>
1.60 avankest 916: <pre><code>// The following script:
1.18 avankest 917: var client = new XMLHttpRequest();
918: client.open('GET', 'demo.cgi');
919: client.setRequestHeader('X-Test', 'one');
920: client.setRequestHeader('X-Test', 'two');
921: client.send();
922:
923: // ...would result in the following header being sent:
924: ...
925: X-Test: one, two
1.60 avankest 926: ...</code></pre>
1.18 avankest 927: </div>
1.6 avankest 928:
1.132 avankest 929: <dt><dfn id=send title=send><code>send(<var>data</var>)</code></dfn>,
1.25 avankest 930: method
1.2 avankest 931:
932: <dd>
1.132 avankest 933: <p>The <code><a href="#send">send()</a></code> method initiates the
1.107 avankest 934: request and its optional argument provides the <a
1.164 avankest 935: href="#entity-body">entity body</a>.</p>
936:
937: <p class=note>Authors are encouraged to ensure that they have specified
938: the <code>Content-Type</code> header via <code><a
939: href="#setrequestheader">setRequestHeader()</a></code> before invoking
940: <code><a href="#send">send()</a></code> with a non-<code>null</code>
941: <var>data</var> argument.</p>
1.60 avankest 942:
943: <p>When invoked, the user agent <em class=ct>must</em> follow the
1.109 avankest 944: following steps (unless otherwise noted). Note that this algorithm might
1.132 avankest 945: get aborted if the <code><a href="#open">open()</a></code> or <code><a
946: href="#abort">abort()</a></code> method is invoked. When the <dfn
947: id=abort-send-algorithm title="abort send()"><code>send()</code>
948: algorithm is aborted</dfn> the user agent <em class=ct>must</em>
949: terminate the algorithm after finishing the step it is on.</p>
1.109 avankest 950:
951: <p class=note>The following algorithm can not be aborted through script
952: when <var>async</var> is <code>false</code>. It can only be aborted when
953: <var>async</var> is <code>true</code> and only after the method call has
954: returned.</p>
1.60 avankest 955:
956: <ol>
957: <li>
1.135 avankest 958: <p>If the state of the object is not <a href="#opened-state"
959: title="OPENED state">OPENED</a> raise an
960: <code>INVALID_STATE_ERR</code> exception and terminate these steps.
1.60 avankest 961:
962: <li>
1.104 avankest 963: <p>If the <a href="#send-flag"><code>send()</code> flag</a> is "true"
1.99 avankest 964: raise an <code>INVALID_STATE_ERR</code> exception and terminate these
1.97 avankest 965: steps.
1.60 avankest 966:
967: <li>
1.104 avankest 968: <p>If <var>async</var> is <code>true</code> set the <a
969: href="#send-flag"><code>send()</code> flag</a> to "true".
1.103 avankest 970:
971: <li>
1.167 avankest 972: <p>If <var>stored method</var> is <code>GET</code> act as if the
973: <var>data</var> argument is <code>null</code>.</p>
974:
1.60 avankest 975: <p>If the <var>data</var> argument has not been omitted and is not
1.132 avankest 976: <code>null</code> use it for the <dfn id=entity-body>entity body</dfn>
977: as defined by section 7.2 of RFC 2616 observing the following rules:
1.146 avankest 978: [<cite><a href="#ref-rfc2616">RFC2616</a></cite>]</p>
1.60 avankest 979:
1.120 avankest 980: <dl class=switch>
1.60 avankest 981: <dt><var>data</var> is a <code>DOMString</code>
982:
1.79 avankest 983: <dd>
1.164 avankest 984: <p>Encode <var>data</var> using UTF-8 for transmission.</p>
985:
1.165 avankest 986: <p>If a <code>Content-Type</code> header is set using <code><a
987: href="#setrequestheader">setRequestHeader()</a></code> set the
988: <code>charset</code> parameter of that header to <code>UTF-8</code>.</p>
1.60 avankest 989:
990: <dt><var>data</var> is a <code>Document</code>
991:
992: <dd>
1.97 avankest 993: <p>Serialize <var>data</var> into a namespace well-formed XML
994: document and encoded using the encoding given by
1.166 avankest 995: <code><var>data</var>.inputEncoding</code>, when not
996: <code>null</code>, or UTF-8 otherwise. Or, if this fails because the
997: <code>Document</code> cannot be serialized act as if <var>data</var>
998: is <code>null</code>.</p>
999:
1000: <p>If no <code>Content-Type</code> header has been set using <code><a
1001: href="#setrequestheader">setRequestHeader()</a></code> append a
1002: <code>Content-Type</code> header to the list of request headers with
1003: a value of <code>application/xml;charset=<var>charset</var></code>
1004: where <var>charset</var> is the encoding used to encode the
1005: document.</p>
1.60 avankest 1006:
1007: <p class=note>Subsequent changes to the <code>Document</code> have no
1008: effect on what is submitted.</p>
1009:
1010: <dt><var>data</var> is not a <code>DOMString</code> or
1011: <code>Document</code>
1012:
1.79 avankest 1013: <dd>
1.97 avankest 1014: <p>Use the stringification mechanisms of the host language on
1015: <var>data</var> and treat the result as if <var>data</var> is a
1.167 avankest 1016: <code>DOMString</code>. Or, if this fails, act as if the
1017: <var>data</var> argument is <code>null</code>.
1.60 avankest 1018: </dl>
1019:
1.127 avankest 1020: <p>If the <var>data</var> argument has been omitted, or is
1021: <code>null</code>, no entity body is used in the request.</p>
1.60 avankest 1022:
1023: <li>
1.72 avankest 1024: <p>Make a request to <var>stored url</var>, using HTTP method
1025: <var>stored method</var>, user <var>stored user</var> (if provided)
1026: and password <var>stored password</var> (if provided), taking into
1027: account the entity body, list of request headers and the rules listed
1028: directly after this set of steps.
1.60 avankest 1029:
1030: <li>
1.97 avankest 1031: <p>Synchronously dispatch a <code><a
1.132 avankest 1032: href="#readystatechange">readystatechange</a></code> event on the
1.97 avankest 1033: object.</p>
1034:
1035: <p class=note>The state of the object does not change. The event is
1036: dispatched for historical reasons.</p>
1.68 avankest 1037:
1038: <li>
1.103 avankest 1039: <p>If <var>async</var> is <code>true</code> return the <code><a
1.132 avankest 1040: href="#send">send()</a></code> method call. (Do not terminate the
1.103 avankest 1041: steps in the algorithm though.)
1.60 avankest 1042:
1043: <li>
1.124 avankest 1044: <p>While downloading the resource the following rules are to be
1045: observed.</p>
1.119 avankest 1046:
1.120 avankest 1047: <dl class=switch>
1.119 avankest 1048: <dt>If the response is an HTTP redirect
1049:
1050: <dd>
1.146 avankest 1051: <p>If the redirect does not violate security (it is <a
1052: href="#same-origin">same-origin</a> for instance) or infinite loop
1053: precautions and the scheme is supported transparently follow the
1.167 avankest 1054: redirect and go to the start of this step (step 8).</p>
1.119 avankest 1055:
1056: <p class=note>HTTP places requirements on the user agent regarding
1057: the preservation of the request method and entity body during
1058: redirects, and also requires users to be notified of certain kinds
1059: of automatic redirections.</p>
1060: <!-- Arguably HTTP should be fixed for the latter case. No browser
1061: follows that as far as I know. -->
1062:
1063: <p>Otherwise, follow the following set of steps:</p>
1064:
1065: <ol>
1066: <li>
1.125 avankest 1067: <p>Set the <a href="#response-entity-body">response entity body</a>
1068: to "null", the <a href="#error-flag">error flag</a> to "true" and
1069: reset the list of request headers.
1.119 avankest 1070:
1071: <li>
1.132 avankest 1072: <p>Synchronously switch the state to <a href="#done-state"
1073: title="DONE state">DONE</a>.
1.119 avankest 1074:
1075: <li>
1076: <p>If <var>async</var> is set to <code>false</code> raise a
1077: <code><a href="#network-err">NETWORK_ERR</a></code> exception and
1078: terminate the overall algorithm.
1079:
1080: <li>
1081: <p>Synchronously dispatch a <code><a
1.132 avankest 1082: href="#readystatechange">readystatechange</a></code> event on the
1083: object.
1.119 avankest 1084:
1085: <li>
1086: <p>Terminate the overall algorithm.
1087: </ol>
1088:
1089: <p class=note>It is likely that a future version of the <code><a
1090: href="#xmlhttprequest-object">XMLHttpRequest</a></code> object will
1091: dispatch an <code>error</code> event here as well.</p>
1092:
1093: <dt>If the user cancels the download
1094:
1095: <dd>
1096: <p>Run the following set of steps:</p>
1097:
1098: <ol>
1099: <li>
1.125 avankest 1100: <p>Set the <a href="#response-entity-body">response entity body</a>
1101: to "null", the <a href="#error-flag">error flag</a> to "true" and
1102: reset the list of request headers.
1.119 avankest 1103:
1104: <li>
1.132 avankest 1105: <p>Synchronously switch the state to <a href="#done-state"
1106: title="DONE state">DONE</a>.
1.119 avankest 1107:
1108: <li>
1.122 avankest 1109: <p>If <var>async</var> is set to <code>false</code> raise an
1110: <code><a href="#abort-err">ABORT_ERR</a></code> exception and
1.119 avankest 1111: terminate the overall algorithm.
1112:
1113: <li>
1114: <p>Synchronously dispatch a <code><a
1.132 avankest 1115: href="#readystatechange">readystatechange</a></code> event on the
1116: object.
1.119 avankest 1117:
1118: <li>
1119: <p>Terminate the overall algorithm.
1120: </ol>
1121:
1122: <p class=note>It is likely that a future version of the <code><a
1123: href="#xmlhttprequest-object">XMLHttpRequest</a></code> object will
1.122 avankest 1124: dispatch an <code title="">abort</code> event here as well.</p>
1.119 avankest 1125:
1126: <dt>In case of network errors
1.118 avankest 1127:
1.119 avankest 1128: <dd>
1.127 avankest 1129: <p>In case of DNS errors, or other type of network errors, run the
1130: following set of steps. <span class=note>This does not include HTTP
1131: responses that indicate some type of error, such as HTTP status code
1.119 avankest 1132: 410.</span></p>
1133:
1134: <ol>
1135: <li>
1.125 avankest 1136: <p>Set the <a href="#response-entity-body">response entity body</a>
1137: to "null", the <a href="#error-flag">error flag</a> to "true" and
1138: reset the list of request headers.
1.119 avankest 1139:
1140: <li>
1.132 avankest 1141: <p>Synchronously switch the state to <a href="#done-state"
1142: title="DONE state">DONE</a>.
1.119 avankest 1143:
1144: <li>
1145: <p>If <var>async</var> is set to <code>false</code> raise a
1146: <code><a href="#network-err">NETWORK_ERR</a></code> exception and
1147: terminate the overall algorithm.
1148:
1149: <li>
1150: <p>Synchronously dispatch a <code><a
1.132 avankest 1151: href="#readystatechange">readystatechange</a></code> event on the
1152: object.
1.119 avankest 1153:
1154: <li>
1155: <p>Terminate the overall algorithm.
1156: </ol>
1157:
1158: <p class=note>It is likely that a future version of the <code><a
1159: href="#xmlhttprequest-object">XMLHttpRequest</a></code> object will
1160: dispatch an <code>error</code> event here as well.</p>
1161:
1162: <dt>Once all HTTP headers have been received
1.60 avankest 1163:
1.119 avankest 1164: <dd>
1165: <p>If all HTTP headers have been received, before receiving the
1.124 avankest 1166: message body (if any), run the following steps:</p>
1.60 avankest 1167:
1.119 avankest 1168: <ol>
1169: <li>
1.132 avankest 1170: <p>Synchronously switch the state to <a
1171: href="#headers-received-state" title="HEADERS_RECEIVED
1172: state">HEADERS_RECEIVED</a>.
1.119 avankest 1173:
1174: <li>
1175: <p>Synchronously dispatch a <code><a
1.132 avankest 1176: href="#readystatechange">readystatechange</a></code> event on the
1177: object.
1.124 avankest 1178: </ol>
1179:
1180: <dt>Once the first byte (or more) of the response entity body has been
1181: received
1182:
1183: <dt>If there is no response entity body
1.119 avankest 1184:
1.124 avankest 1185: <dd>
1186: <ol>
1.119 avankest 1187: <li>
1.132 avankest 1188: <p>Synchronously switch the state to <a href="#loading-state"
1.119 avankest 1189: title="LOADING state">LOADING</a>.
1190:
1191: <li>
1192: <p>Synchronously dispatch a <code><a
1.132 avankest 1193: href="#readystatechange">readystatechange</a></code> event on the
1194: object.
1.119 avankest 1195: </ol>
1196: </dl>
1.60 avankest 1197:
1.125 avankest 1198: <p>Finally, once the complete resource has been downloaded go to the
1199: next step.</p>
1.60 avankest 1200:
1201: <li>
1.83 avankest 1202: <p>When the request has successfully completed loading, synchronously
1.132 avankest 1203: switch the state to <a href="#done-state" title="DONE state">DONE</a>
1204: and then synchronously dispatch a <code><a
1205: href="#readystatechange">readystatechange</a></code> event on the
1.97 avankest 1206: object and return the method call in case of <var>async</var> being
1207: <code>false</code>.
1.60 avankest 1208: </ol>
1.19 avankest 1209:
1.92 avankest 1210: <p>If the user agent allows the user to configure a proxy it <em
1.25 avankest 1211: class=ct>should</em> modify the request appropriately; <abbr title="in
1.2 avankest 1212: other words">i.e.</abbr>, connect to the proxy host instead of the
1213: origin server, modify the <code>Request-Line</code> and send
1214: <code>Proxy-Authorization</code> headers as specified.</p>
1215:
1.44 avankest 1216: <p>If the user agent supports HTTP Authentication it <em
1217: class=ct>should</em> consider requests originating from this object to
1218: be part of the protection space that includes the accessed URIs and send
1.19 avankest 1219: <code>Authorization</code> headers and handle <code>401
1.138 avankest 1220: Unauthorized</code> requests appropriately. If authentication fails,
1.44 avankest 1221: user agents <em class=ct>should</em> prompt the users for credentials.
1222: [<cite><a href="#ref-rfc2617">RFC2617</a></cite>]</p>
1.19 avankest 1223:
1.59 avankest 1224: <p>If the user agent supports HTTP State Management it <em
1.44 avankest 1225: class=ct>should</em> persist, discard and send cookies (as received in
1226: the <code>Set-Cookie</code> and <code>Set-Cookie2</code> response
1227: headers, and sent in the <code>Cookie</code> header) as applicable.
1.51 avankest 1228: [<cite><a href="#ref-rfc2965">RFC2965</a></cite>]</p>
1.164 avankest 1229: <!-- It has been said that RFC2965 does not match reality. -->
1.44 avankest 1230: <p>If the user agent implements a HTTP cache it <em class=ct>should</em>
1231: respect <code>Cache-Control</code> request headers set by the script
1232: (<abbr title="for example">e.g.</abbr>, <code>Cache-Control:
1233: no-cache</code> bypasses the cache). It <em class=ct>must not</em> send
1.25 avankest 1234: <code>Cache-Control</code> or <code>Pragma</code> request headers
1.138 avankest 1235: automatically unless the user explicitly requests such behavior
1.44 avankest 1236: (<abbr>e.g.</abbr>, by (force-)reloading the page). <code>304 Not
1237: Modified</code> responses that are a result of a user agent generated
1238: conditional request <em class=ct>must</em> be presented as <code>200
1.59 avankest 1239: OK</code> responses with the appropriate content. The user agent <em
1.44 avankest 1240: class=ct>must</em> allow scripts to override automatic cache validation
1241: by setting request headers (e.g., <code>If-None-Match</code>,
1.16 avankest 1242: <code>If-Modified-Since</code>), in which case <code>304 Not
1.44 avankest 1243: Modified</code> responses <em class=ct>must</em> be passed through.
1.146 avankest 1244: [<cite><a href="#ref-rfc2616">RFC2616</a></cite>]</p>
1.2 avankest 1245:
1.44 avankest 1246: <p>If the user agent implements server-driven content-negotiation it <em
1.162 avankest 1247: class=ct>should</em> set <code>Accept-Encoding</code> and
1248: <code>Accept-Charset</code> headers as appropriate; it <em class=ct>must
1.163 avankest 1249: not</em> automatically set the <code>Accept</code>. If the
1250: <code>Accept-Language</code> header is not set using <code><a
1251: href="#setrequestheader">setRequestHeader()</a></code> user agents <em
1252: class=ct>should</em> provide it. Responses to such requests <em
1.128 avankest 1253: class=ct>must</em> have the content-encodings automatically decoded.
1.146 avankest 1254: [<cite><a href="#ref-rfc2616">RFC2616</a></cite>]</p>
1.18 avankest 1255:
1.132 avankest 1256: <dt><dfn id=abort><code>abort()</code></dfn>, method
1.6 avankest 1257:
1258: <dd>
1.62 avankest 1259: <p>When invoked, the user agent <em class=ct>must</em> run the following
1.97 avankest 1260: steps (unless otherwise noted):</p>
1.6 avankest 1261:
1.62 avankest 1262: <ol>
1263: <li>
1.109 avankest 1264: <p><a href="#abort-send-algorithm" title="abort send()">Abort the
1265: <code>send()</code> algorithm</a>, set the <a
1.125 avankest 1266: href="#response-entity-body">response entity body</a> to "null", the
1.136 avankest 1267: <a href="#error-flag">error flag</a> to "true" and remove any
1268: registered request headers.
1.62 avankest 1269:
1270: <li>
1.109 avankest 1271: <p>The user agent <em class=ct>should</em> cancel any network activity
1272: for which the object is responsible.
1.62 avankest 1273:
1.80 avankest 1274: <li>
1.135 avankest 1275: <p>If the state is <a href="#unsent-state" title="UNSENT
1276: state">UNSENT</a>, <a href="#opened-state" title="OPENED
1277: state">OPENED</a> and the <a href="#send-flag"><code>send()</code>
1278: flag</a> is "false", or <a href="#done-state" title="DONE
1279: state">DONE</a> go to the next step.</p>
1.84 avankest 1280:
1.132 avankest 1281: <p>Otherwise, switch the state to <a href="#done-state" title="DONE
1.136 avankest 1282: state">DONE</a>, set the <a href="#send-flag"><code>send()</code>
1283: flag</a> to "false" and synchronously dispatch a <code><a
1.132 avankest 1284: href="#readystatechange">readystatechange</a></code> event on the
1.84 avankest 1285: object.</p>
1.68 avankest 1286:
1.62 avankest 1287: <li>
1.135 avankest 1288: <p>Switch the state to <a href="#unsent-state" title="UNSENT
1.98 avankest 1289: state">UNSENT</a>. (Do not dispatch the <code><a
1.132 avankest 1290: href="#readystatechange">readystatechange</a></code> event.)</p>
1.62 avankest 1291:
1.83 avankest 1292: <p class=note>It is likely that a future version of the <code><a
1293: href="#xmlhttprequest-object">XMLHttpRequest</a></code> object will
1294: dispatch an <code title="">abort</code> event here as well.</p>
1.62 avankest 1295: </ol>
1.26 avankest 1296:
1.6 avankest 1297: <dt><dfn
1.132 avankest 1298: id=getallresponseheaders><code>getAllResponseHeaders()</code></dfn>,
1.13 avankest 1299: method
1.2 avankest 1300:
1301: <dd>
1.62 avankest 1302: <p>When invoked, the user agent <em class=ct>must</em> run the following
1303: steps:</p>
1.60 avankest 1304:
1305: <ol>
1.77 avankest 1306: <li>
1.135 avankest 1307: <p>If the state is <a href="#unsent-state" title="UNSENT
1308: state">UNSENT</a> or <a href="#opened-state" title="OPENED
1309: state">OPENED</a> raise an <code>INVALID_STATE_ERR</code> exception
1310: and terminate these steps.
1.125 avankest 1311:
1312: <li>
1313: <p>If the <a href="#error-flag">error flag</a> is "true" return
1314: <code>null</code> and terminate these steps.
1.77 avankest 1315:
1316: <li>
1.97 avankest 1317: <p>Return all the HTTP headers, as a single string, with each header
1.168 avankest 1318: line separated by a U+000D (CR) U+000A (LF) pair excluding the status
1.97 avankest 1319: line.
1.60 avankest 1320: </ol>
1.6 avankest 1321:
1.25 avankest 1322: <div class=example>
1.60 avankest 1323: <pre><code>// The following script:
1.6 avankest 1324: var client = new XMLHttpRequest();
1.18 avankest 1325: client.open("GET", "test.txt", true);
1.6 avankest 1326: client.send();
1.16 avankest 1327: client.onreadystatechange = function() {
1.17 avankest 1328: if(this.readyState == 3) {
1.16 avankest 1329: print(this.getAllResponseHeaders());
1330: }
1331: }
1.6 avankest 1332:
1333: // ...should output something similar to the following text:
1334: Date: Sun, 24 Oct 2004 04:58:38 GMT
1335: Server: Apache/1.3.31 (Unix)
1336: Keep-Alive: timeout=15, max=99
1337: Connection: Keep-Alive
1338: Transfer-Encoding: chunked
1.60 avankest 1339: Content-Type: text/plain; charset=utf-8</code></pre>
1.6 avankest 1340: </div>
1341:
1.132 avankest 1342: <dt><dfn id=getresponseheader
1.25 avankest 1343: title=getresponseheader><code>getResponseHeader(<var>header</var>)</code></dfn>,
1.13 avankest 1344: method
1.2 avankest 1345:
1.6 avankest 1346: <dd>
1.60 avankest 1347: <p>When the method is invoked, the user agent <em class=ct>must</em> run
1348: the following steps:</p>
1349:
1350: <ol>
1.77 avankest 1351: <li>
1.135 avankest 1352: <p>If the state is <a href="#unsent-state" title="UNSENT
1353: state">UNSENT</a> or <a href="#opened-state" title="OPENED
1354: state">OPENED</a> raise an <code>INVALID_STATE_ERR</code> exception
1355: and terminate these steps.
1.125 avankest 1356:
1357: <li>
1.150 avankest 1358: <p>If the <var>header</var> argument does not match the <a
1359: href="#field-name"><code>field-name</code> production</a> return the
1360: empty string and terminate these steps.
1361:
1362: <li>
1.125 avankest 1363: <p>If the <a href="#error-flag">error flag</a> is "true" return
1364: <code>null</code> and terminate these steps.
1.17 avankest 1365:
1.77 avankest 1366: <li>
1.81 avankest 1367: <p>If the <var>header</var> argument <a href="#case-insensitive-match"
1368: title="case-insensitive match">case-insensitively matches</a> multiple
1.128 avankest 1369: HTTP headers for the last request sent, return the values of these
1.97 avankest 1370: headers as a single concatenated string separated from each other by
1.168 avankest 1371: an U+002C followed by an U+0020 character and terminate these steps.
1.77 avankest 1372:
1373: <li>
1.81 avankest 1374: <p>If the <var>header</var> argument <a href="#case-insensitive-match"
1375: title="case-insensitive match">case-insensitively matches</a> a single
1.97 avankest 1376: HTTP header for the last request sent return the value of that header
1.99 avankest 1377: and terminate these steps.
1.77 avankest 1378:
1379: <li>
1.97 avankest 1380: <p>Return <code>null</code>.
1.60 avankest 1381: </ol>
1.17 avankest 1382:
1.25 avankest 1383: <div class=example>
1.60 avankest 1384: <pre><code>// The following script:
1.1 avankest 1385: var client = new XMLHttpRequest();
1.18 avankest 1386: client.open("GET", "test.txt", true);
1.6 avankest 1387: client.send();
1.16 avankest 1388: client.onreadystatechange = function() {
1.17 avankest 1389: if(this.readyState == 3) {
1.18 avankest 1390: print(client.getResponseHeader("Content-Type"));
1.16 avankest 1391: }
1392: }
1.1 avankest 1393:
1.6 avankest 1394: // ...should output something similar to the following text:
1.164 avankest 1395: text/plain; charset=utf-8</code></pre>
1.2 avankest 1396: </div>
1397:
1.132 avankest 1398: <dt><dfn id=responsetext><code>responseText</code></dfn> of type
1.9 avankest 1399: <code>DOMString</code>, readonly
1.6 avankest 1400:
1401: <dd>
1.89 avankest 1402: <p>On getting, the user agent <em class=ct>must</em> run the following
1403: steps:</p>
1404:
1405: <ol>
1406: <li>
1.132 avankest 1407: <p>If the state is not <a href="#loading-state" title="LOADING
1408: state">LOADING</a> or <a href="#done-state" title="DONE
1.170 ! avankest 1409: state">DONE</a> return the empty string and terminate these steps.
1.6 avankest 1410:
1.89 avankest 1411: <li>
1412: <p>Return the <a href="#text-response-entity-body">text response entity
1413: body</a>.
1414: </ol>
1.12 avankest 1415:
1.132 avankest 1416: <dt><dfn id=responsexml><code>responseXML</code></dfn> of type
1.9 avankest 1417: <code>Document</code>, readonly
1.6 avankest 1418:
1419: <dd>
1.76 avankest 1420: <p>On getting, the user agent <em class=ct>must</em> run the following
1421: steps:</p>
1422:
1423: <ol>
1424: <li>
1.132 avankest 1425: <p>If the state is not <a href="#done-state" title="DONE
1.170 ! avankest 1426: state">DONE</a> return <code>null</code> and terminate these steps.
1.76 avankest 1427:
1428: <li>
1.89 avankest 1429: <p>Return the <a href="#xml-response-entity-body">XML response entity
1430: body</a>.
1.76 avankest 1431: </ol>
1.12 avankest 1432:
1.132 avankest 1433: <dt><dfn id=status><code>status</code></dfn> of type <code>unsigned
1.9 avankest 1434: short</code>, readonly
1.6 avankest 1435:
1436: <dd>
1.73 avankest 1437: <p>On getting, if available, it <em class=ct>must</em> return the HTTP
1438: status code sent by the server (typically <code>200</code> for a
1439: successful request). Otherwise, if not available, the user agent <em
1440: class=ct>must</em> raise an <code>INVALID_STATE_ERR</code> exception.</p>
1.12 avankest 1441:
1.132 avankest 1442: <dt><dfn id=statustext><code>statusText</code></dfn> of type
1.9 avankest 1443: <code>DOMString</code>, readonly
1.2 avankest 1444:
1.6 avankest 1445: <dd>
1.73 avankest 1446: <p>On getting, if available, it <em class=ct>must</em> return the HTTP
1447: status text sent by the server (appears after the status code).
1448: Otherwise, if not available, the user agent <em class=ct>must</em> raise
1449: an <code>INVALID_STATE_ERR</code> exception.</p>
1.2 avankest 1450: </dl>
1451:
1.168 avankest 1452: <h3 id=events><span class=secno>4.1 </span>Events for the <code
1.33 avankest 1453: title="">XMLHttpRequest</code> Object</h3>
1.2 avankest 1454:
1.135 avankest 1455: <p>This section describes the various events that can be dispatched on
1456: objects implementing the <code><a
1.60 avankest 1457: href="#xmlhttprequest-object">XMLHttpRequest</a></code> interface. For
1458: this version of the specification only one event is defined.
1.2 avankest 1459:
1.1 avankest 1460: <dl>
1.132 avankest 1461: <dt><dfn id=readystatechange><code>readystatechange</code></dfn>
1.2 avankest 1462:
1.73 avankest 1463: <dd>When the user agent dispatches a <code
1464: title="">readystatechange</code> event (as indicated above) it <em
1465: class=ct>must not</em> bubble, <em class=ct>must not</em> be cancelable
1466: and <em class=ct>must</em> implement the <code>Event</code> interface.
1467: Its <code>namespaceURI</code> attribute <em class=ct>must</em> be
1.146 avankest 1468: <code>null</code>. [<cite><a
1.156 avankest 1469: href="#ref-dom2events">DOM2Events</a></cite>]
1.1 avankest 1470: </dl>
1.2 avankest 1471:
1.168 avankest 1472: <h3 id=exceptions><span class=secno>4.2 </span>Exceptions for the <code
1.33 avankest 1473: title="">XMLHttpRequest</code> Object</h3>
1474:
1.139 avankest 1475: <p>Several algorithms in this specification may result in an exception
1476: being thrown. These exceptions are all part of the group
1477: <code>ExceptionCode</code> and use the <code>DOMException</code> object
1478: which is defined in DOM Level 3 Core. In addition this specification
1479: extends the <code>ExceptionCode</code> group with several new constants as
1.146 avankest 1480: indicated below. [<cite><a href="#ref-dom3core">DOM3Core</a></cite>]
1.139 avankest 1481:
1.34 avankest 1482: <pre
1.139 avankest 1483: class=idl>const unsigned short <a href="#security-err">SECURITY_ERR</a> = 18;
1.122 avankest 1484: const unsigned short <a href="#network-err">NETWORK_ERR</a> = 101;
1485: const unsigned short <a href="#abort-err">ABORT_ERR</a> = 102;</pre>
1.33 avankest 1486:
1.139 avankest 1487: <p>The <dfn id=security-err><code>SECURITY_ERR</code></dfn> exception is
1488: raised if an attempt is made to perform an operation or access some data
1489: in a way that would be a security risk or a violation of the user agent's
1490: security policy.</p>
1491: <!-- http://lists.w3.org/Archives/Public/public-webapi/2006May/0027.html -->
1492:
1493: <p class=note>The <code title="">SECURITY_ERR</code> exception is expected
1494: to be eventually folded into an update of the the DOM Level 3 Core
1495: specification with an equivalent definition and identical constant value.
1496: Until that happens it is defined here to guide implementors. (This is also
1.154 avankest 1497: the reason the constant value is not in line with the other exceptions.)
1.139 avankest 1498:
1.35 avankest 1499: <p>The <dfn id=network-err><code>NETWORK_ERR</code></dfn> exception is
1.139 avankest 1500: raised when a network error occurs in synchronous requests.
1.122 avankest 1501:
1.139 avankest 1502: <p>The <dfn id=abort-err><code>ABORT_ERR</code></dfn> exception is raised
1.122 avankest 1503: when the user aborts a request in synchronous requests.
1504:
1.31 avankest 1505: <h2 class=no-num id=notcovered>Not in this Specification</h2>
1506:
1.144 avankest 1507: <p><em>This section is non-normative.</em>
1.31 avankest 1508:
1.73 avankest 1509: <p>This specification does not include the following features which are
1510: being considered for a future version of this specification:
1.31 avankest 1511:
1512: <ul>
1513: <li><code>load</code> event and <code>onload</code> attribute;
1514:
1515: <li><code>error</code> event and <code>onerror</code> attribute;
1516:
1517: <li><code>progress</code> event and <code>onprogress</code> attribute;
1518:
1519: <li><code title="">abort</code> event and <code>onabort</code> attribute;
1520:
1521: <li>Timers have been suggested, perhaps an <code>ontimeout</code>
1522: attribute;
1523:
1524: <li>Property to disable following redirects;
1525:
1.32 avankest 1526: <li><code title="">responseXML</code> for <code>text/html</code>
1527: documents;
1.31 avankest 1528:
1.42 avankest 1529: <li>Cross-site <code title="">XMLHttpRequest</code>;
1530:
1.88 avankest 1531: <li><code>responseBody</code> to deal with byte streams;
1.42 avankest 1532:
1.115 avankest 1533: <li><code>overrideMimeType</code> to fix up MIME types;
1534:
1.88 avankest 1535: <li><code>getRequestHeader()</code> and
1536: <code>removeRequestHeader()</code>.
1.31 avankest 1537: </ul>
1538:
1.25 avankest 1539: <h2 class=no-num id=bibref>References</h2>
1.2 avankest 1540:
1.7 avankest 1541: <dl>
1.156 avankest 1542: <dt>[<dfn id=ref-dom2events>DOM2Events</dfn>]
1543:
1544: <dd><cite><a href="http://www.w3.org/TR/DOM-Level-2-Events/">Document
1.161 avankest 1545: Object Model (DOM) Level 2 Events Specification</a></cite>, T. Pixley,
1546: editor. W3C, November 2000.
1.156 avankest 1547:
1.146 avankest 1548: <dt>[<dfn id=ref-dom3core>DOM3Core</dfn>]
1.2 avankest 1549:
1.15 avankest 1550: <dd><cite><a href="http://www.w3.org/TR/DOM-Level-3-Core">Document Object
1551: Model (DOM) Level 3 Core Specification</a></cite>, A. Le Hors, P. Le
1.140 avankest 1552: Hégaret, L. Wood, G. Nicol, J. Robie, M. Champion, S. Byrne,
1553: editors. W3C, April 2004.
1.2 avankest 1554:
1.39 avankest 1555: <dt>[<dfn id=ref-ecmascript>ECMAScript</dfn>]
1.18 avankest 1556:
1557: <dd><cite><a
1558: href="http://www.ecma-international.org/publications/standards/Ecma-262.htm">ECMAScript
1559: Language Specification</a></cite>, Third Edition. ECMA, December 1999.
1560:
1.146 avankest 1561: <dt>[<dfn id=ref-html5>HTML5</dfn>]
1.143 avankest 1562:
1563: <dd><cite><a
1564: href="http://www.whatwg.org/specs/web-apps/current-work/">HTML 5</a></cite>
1.147 avankest 1565: (work in progress), Ian Hickson, editor. WHATWG, 2007.
1.18 avankest 1566:
1.146 avankest 1567: <dt>[<dfn id=ref-rfc2119>RFC2119</dfn>]
1.15 avankest 1568:
1.118 avankest 1569: <dd><cite><a href="http://ietf.org/rfc/rfc2119">Key words for use in RFCs
1570: to Indicate Requirement Levels</a></cite>, S. Bradner. IETF, March 1997.
1.15 avankest 1571:
1.146 avankest 1572: <dt>[<dfn id=ref-rfc2616>RFC2616</dfn>]
1.15 avankest 1573:
1574: <dd><cite><a href="http://ietf.org/rfc/rfc2616">Hypertext Transfer
1575: Protocol -- HTTP/1.1</a></cite>, R. Fielding, J. Gettys, J. Mogul, H.
1.93 avankest 1576: Frystyk, L. Masinter, P. Leach, T. Berners-Lee, editors. IETF, June 1999.
1.15 avankest 1577:
1.39 avankest 1578: <dt>[<dfn id=ref-rfc2617>RFC2617</dfn>]
1.15 avankest 1579:
1580: <dd><cite><a href="http://ietf.org/rfc/rfc2617">HTTP Authentication: Basic
1.93 avankest 1581: and Digest Access Authentication</a></cite>, P. Hallam-Baker, J.
1582: Hostetler, S. Lawrence, P. Leach, A. Luotonen, L. Stewart, editors. IETF,
1583: June 1999.
1.2 avankest 1584:
1.39 avankest 1585: <dt>[<dfn id=ref-rfc2965>RFC2965</dfn>]
1.2 avankest 1586:
1.22 avankest 1587: <dd><cite><a href="http://ietf.org/rfc/rfc2965">HTTP State Management
1588: Mechanism</a></cite>, D. Kristol, L. Montulli, editors. IETF, October
1589: 2000.
1590:
1.39 avankest 1591: <dt>[<dfn id=ref-rfc3986>RFC3986</dfn>]
1.2 avankest 1592:
1.15 avankest 1593: <dd><cite><a href="http://ietf.org/rfc/rfc3986">Uniform Resource
1594: Identifier (URI): Generic Syntax</a></cite>, T. Berners-Lee, R. Fielding,
1595: L. Masinter, editors. IETF, January 2005.
1.30 avankest 1596:
1.142 avankest 1597: <dt>[<dfn id=ref-rfc3987>RFC3987</dfn>]
1598:
1599: <dd><cite><a href="http://ietf.org/rfc/rfc3987">Internationalized Resource
1600: Identifiers (IRIs)</a></cite>, M. Duerst, M. Suignard, editors. IETF,
1601: January 2005.
1602:
1.43 avankest 1603: <dt>[<dfn id=ref-xml>XML</dfn>]
1604:
1605: <dd><cite><a href="http://www.w3.org/TR/xml/">Extensible Markup Language
1606: (XML) 1.0 (Fourth Edition)</a></cite>, T. Bray, J. Paoli, C.
1.118 avankest 1607: Sperberg-McQueen, E. Maler, F. Yergeau, editors. W3C, September 2006.
1.43 avankest 1608:
1609: <dt>[<dfn id=ref-xmlns>XMLNS</dfn>]
1610:
1611: <dd><cite><a href="http://www.w3.org/TR/xml-names/">Namespaces in XML
1.118 avankest 1612: (Second Edition)</a></cite>, T. Bray, D. Hollander, A. Layman, R. Tobin,
1613: editors. W3C, August 2006.
1.2 avankest 1614: </dl>
1615:
1.131 avankest 1616: <h2 class=no-num id=acknowledgments>Acknowledgments</h2>
1.2 avankest 1617:
1.164 avankest 1618: <p>The editor would like to thank Addison Phillips, Ahmed Kamel, Alex
1619: Hopmann, Alex Vincent, Alexey Proskuryakov, Asbjørn Ulsberg, Boris
1620: Zbarsky, Björn Höhrmann, Cameron McCormack, Christophe Jolif,
1621: Charles McCathieNevile, Dan Winship, David Håsäther, Dean
1622: Jackson, Denis Sureau, Doug Schepers, Douglas Livingstone, Elliotte
1623: Harold, Eric Lawrence, Geoffrey Sneddon, Gideon Cohn, Gorm Haug Eriksen,
1624: Hallvord R. M. Steen, Håkon Wium Lie, Ian Davis, Ian Hickson, Ivan
1625: Herman, Jeff Walden, Jens Lindström, Jim Deegan, Jim Ley, Joe Farro,
1626: Jonas Sicking, Julian Reschke, Karl Dubost, Maciej Stachowiak, Magnus
1627: Kristiansen, Marc Hadley, Marcos Caceres, Mark Baker, Mark Nottingham,
1628: Mohamed Zergaoui, Pawel Glowacki, Robin Berjon, Ruud Steltenpool, Simon
1629: Pieters, Stewart Brodie, Sunava Dutta, Tom Magliery and Zhenbin Xu for
1630: their contributions to this specification.
1.2 avankest 1631:
1632: <p>Special thanks to the Microsoft employees who first implemented the
1.144 avankest 1633: <code title="">XMLHttpRequest</code> interface, which was first widely
1634: deployed by the Windows Internet Explorer browser.
1.2 avankest 1635:
1.56 avankest 1636: <p>Special thanks also to the WHATWG for drafting an initial version of
1.131 avankest 1637: this specification in their Web Applications 1.0 document (now renamed to
1.146 avankest 1638: HTML 5). [<cite><a href="#ref-html5">HTML5</a></cite>]
1.2 avankest 1639:
1640: <p>Thanks also to all those who have helped to improve this specification
1641: by sending suggestions and corrections. (Please, keep bugging us with your
1642: issues!)
Webmaster
![[BACK]](/https/dev.w3.org/cvsweb/icons/back.gif){kind=icon}
Return to Overview.html CVS log ![[TXT]](/https/dev.w3.org/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/https/dev.w3.org/cvsweb/icons/dir.gif){kind=icon}
Up to [Public] / 2006 / webapi / XMLHttpRequest