Annotation of 2006/webapi/XMLHttpRequest/Overview.html, revision 1.175
1.1 avankest 1: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN">
1.2 avankest 2:
1.25 avankest 3: <html lang=en-US>
1.1 avankest 4: <head>
5: <title>The XMLHttpRequest Object</title>
1.2 avankest 6:
1.20 avankest 7: <style type="text/css">
1.118 avankest 8: pre.idl { border:solid thin; background:#eee; color:#000; padding:0.5em }
1.20 avankest 9: pre.idl :link, pre.idl :visited { color:inherit; background:transparent }
1.60 avankest 10: pre code { color:inherit; background:transparent }
1.20 avankest 11: div.example { margin-left:1em; padding-left:1em; border-left:double; color:#222; background:#fcfcfc }
1.90 avankest 12: .note { margin-left:2em; font-weight:bold; font-style:italic; color:#008000 }
1.20 avankest 13: p.note::before { content:"Note: " }
1.90 avankest 14: .issue { padding:.5em; border:solid #f00 }
1.20 avankest 15: p.issue::before { content:"Issue: " }
1.120 avankest 16: dl.switch { padding-left:2em }
17: dl.switch dt { text-indent:-1.5em }
18: dl.switch dt:before { content:'\21AA'; padding:0 0.5em 0 0; display:inline-block; width:1em; text-align:right; line-height:0.5em }
1.20 avankest 19: em.ct { text-transform:lowercase; font-variant:small-caps; font-style:normal }
20: dfn { font-weight:bold; font-style:normal }
21: code { color:orangered }
22: code :link, code :visited { color:inherit }
1.123 avankest 23: h1 code, h2 code, h3 code { color:inherit; background:inherit; font:inherit }
1.20 avankest 24: </style>
1.174 avankest 25: <link href="http://www.w3.org/StyleSheets/TR/W3C-ED" rel=stylesheet>
1.2 avankest 26:
1.1 avankest 27: <body>
1.25 avankest 28: <div class=head>
29: <p><a href="http://www.w3.org/"><img alt=W3C height=48
30: src="http://www.w3.org/Icons/w3c_home" width=72></a></p>
1.2 avankest 31:
1.157 avankest 32: <h1 class=head id=the-xmlhttprequest-object>The <code
1.14 avankest 33: title="">XMLHttpRequest</code> Object</h1>
1.2 avankest 34:
1.174 avankest 35: <h2 class="no-num no-toc" id=w3c-doctype>Editor's Draft 12 May 2008</h2>
1.2 avankest 36:
1.1 avankest 37: <dl>
1.154 avankest 38: <dt>This Version:
1.2 avankest 39:
40: <dd><a
1.174 avankest 41: href="http://www.w3.org/TR/2008/ED-XMLHttpRequest-20080512/">http://www.w3.org/TR/2008/ED-XMLHttpRequest-20080512/</a>
1.2 avankest 42:
1.14 avankest 43: <dt>Latest Version:
1.2 avankest 44:
45: <dd><a
46: href="http://www.w3.org/TR/XMLHttpRequest/">http://www.w3.org/TR/XMLHttpRequest/</a>
47:
1.14 avankest 48: <dt>Previous Versions:
1.2 avankest 49:
50: <dd><a
1.174 avankest 51: href="http://www.w3.org/TR/2008/WD-XMLHttpRequest-20080415/">http://www.w3.org/TR/2008/WD-XMLHttpRequest-20080415/</a>
52:
53: <dd><a
1.155 avankest 54: href="http://www.w3.org/TR/2007/WD-XMLHttpRequest-20071026/">http://www.w3.org/TR/2007/WD-XMLHttpRequest-20071026/</a>
55:
56: <dd><a
1.134 avankest 57: href="http://www.w3.org/TR/2007/WD-XMLHttpRequest-20070618/">http://www.w3.org/TR/2007/WD-XMLHttpRequest-20070618/</a>
58:
59: <dd><a
1.60 avankest 60: href="http://www.w3.org/TR/2007/WD-XMLHttpRequest-20070227/">http://www.w3.org/TR/2007/WD-XMLHttpRequest-20070227/</a>
61:
62: <dd><a
1.25 avankest 63: href="http://www.w3.org/TR/2006/WD-XMLHttpRequest-20060927/">http://www.w3.org/TR/2006/WD-XMLHttpRequest-20060927/</a>
64:
65: <dd><a
1.2 avankest 66: href="http://www.w3.org/TR/2006/WD-XMLHttpRequest-20060619/">http://www.w3.org/TR/2006/WD-XMLHttpRequest-20060619/</a>
67:
68: <dd><a
69: href="http://www.w3.org/TR/2006/WD-XMLHttpRequest-20060405/">http://www.w3.org/TR/2006/WD-XMLHttpRequest-20060405/</a>
70:
71: <dt>Editor:
72:
73: <dd><a href="http://annevankesteren.nl/">Anne van Kesteren</a> (<a
74: href="http://www.opera.com/">Opera Software ASA</a>) <<a
75: href="mailto:annevk@opera.com">annevk@opera.com</a>>
1.1 avankest 76: </dl>
1.2 avankest 77:
1.25 avankest 78: <p class=copyright><a
1.2 avankest 79: href="http://www.w3.org/Consortium/Legal/ipr-notice#Copyright">Copyright</a>
1.53 avankest 80: © 2007 <a href="http://www.w3.org/"><acronym title="World Wide Web
81: Consortium">W3C</acronym></a><sup>®</sup> (<a
82: href="http://www.csail.mit.edu/"><acronym title="Massachusetts Institute
83: of Technology">MIT</acronym></a>, <a
84: href="http://www.ercim.org/"><acronym title="European Research Consortium
85: for Informatics and Mathematics">ERCIM</acronym></a>, <a
1.2 avankest 86: href="http://www.keio.ac.jp/">Keio</a>), All Rights Reserved. W3C <a
87: href="http://www.w3.org/Consortium/Legal/ipr-notice#Legal_Disclaimer">liability</a>,
88: <a
89: href="http://www.w3.org/Consortium/Legal/ipr-notice#W3C_Trademarks">trademark</a>
90: and <a
91: href="http://www.w3.org/Consortium/Legal/copyright-documents">document
92: use</a> rules apply.</p>
1.1 avankest 93: </div>
1.2 avankest 94:
95: <hr>
96:
1.25 avankest 97: <h2 class="no-num no-toc" id=specabstract>Abstract</h2>
1.2 avankest 98:
1.25 avankest 99: <p>The <code title="">XMLHttpRequest</code> Object specification defines an
100: <abbr title="Application Programming Interface">API</abbr> that provides
101: scripted client functionality for transferring data between a client and a
102: server.
103:
104: <h2 class="no-num no-toc" id=sotd>Status of this Document</h2>
1.2 avankest 105:
106: <p><em>This section describes the status of this document at the time of
107: its publication. Other documents may supersede this document. A list of
108: current W3C publications and the latest revision of this technical report
109: can be found in the <a href="http://www.w3.org/TR/">W3C technical reports
1.173 avankest 110: index</a> at http://www.w3.org/TR/.</em>
1.2 avankest 111:
1.174 avankest 112: <p>This is the 12 May 2008 Last Call Working Draft of The <code
1.148 avankest 113: title="">XMLHttpRequest</code> Object specification. Please send comments
114: to <a href="mailto:public-webapi@w3.org">public-webapi@w3.org</a> (<a
1.49 avankest 115: href="http://lists.w3.org/Archives/Public/public-webapi/">archived</a>)
116: with either <samp>[XHR]</samp> or <samp title="">[XMLHttpRequest]</samp>
1.173 avankest 117: at the start of the subject line before befor 2 June 2008.
1.49 avankest 118:
119: <p>This document is produced by the <a
120: href="http://www.w3.org/2006/webapi/">Web API Working Group</a>, part of
121: the <a href="http://www.w3.org/2006/rwc/Activity">Rich Web Clients
122: Activity</a> in the W3C <a
123: href="http://www.w3.org/Interaction/">Interaction Domain</a>. Changes made
124: to this document can be found in the <a
125: href="http://dev.w3.org/cvsweb/2006/webapi/XMLHttpRequest/Overview.html">W3C
126: public CVS server</a>.
1.2 avankest 127:
128: <p>Publication as a Working Draft does not imply endorsement by the W3C
129: Membership. This is a draft document and may be updated, replaced or
130: obsoleted by other documents at any time. It is inappropriate to cite this
131: document as other than work in progress.
132:
133: <p>This document was produced by a group operating under the <a
134: href="http://www.w3.org/Consortium/Patent-Policy-20040205/">5 February
1.54 avankest 135: 2004 W3C Patent Policy</a>. W3C maintains a <a
136: href="http://www.w3.org/2004/01/pp-impl/38482/status"
1.25 avankest 137: rel=disclosure>public list of any patent disclosures</a> made in
1.2 avankest 138: connection with the deliverables of the group; that page also includes
139: instructions for disclosing a patent. An individual who has actual
140: knowledge of a patent which the individual believes contains <a
141: href="http://www.w3.org/Consortium/Patent-Policy-20040205/#def-essential">Essential
142: Claim(s)</a> must disclose the information in accordance with <a
143: href="http://www.w3.org/Consortium/Patent-Policy-20040205/#sec-Disclosure">section
144: 6 of the W3C Patent Policy</a>.
145:
1.25 avankest 146: <h2 class="no-num no-toc" id=toc>Table of Contents</h2>
1.2 avankest 147: <!--begin-toc-->
148:
1.25 avankest 149: <ul class=toc>
150: <li><a href="#introduction"><span class=secno>1. </span>Introduction</a>
1.154 avankest 151:
152: <li><a href="#conformance"><span class=secno>2. </span>Conformance</a>
1.25 avankest 153: <ul class=toc>
1.168 avankest 154: <li><a href="#dependencies"><span class=secno>2.1
1.154 avankest 155: </span>Dependencies</a>
1.2 avankest 156:
1.168 avankest 157: <li><a href="#terminology"><span class=secno>2.2 </span>Terminology</a>
1.81 avankest 158:
1.168 avankest 159: <li><a href="#extensibility"><span class=secno>2.3
1.154 avankest 160: </span>Extensibility</a>
161: </ul>
1.81 avankest 162:
1.154 avankest 163: <li><a href="#security"><span class=secno>3. </span>Security
164: Considerations</a>
1.2 avankest 165:
1.154 avankest 166: <li><a href="#xmlhttprequest"><span class=secno>4. </span>The <code
1.16 avankest 167: title="">XMLHttpRequest</code> Object</a>
1.25 avankest 168: <ul class=toc>
1.168 avankest 169: <li><a href="#events"><span class=secno>4.1 </span>Events for the <code
1.33 avankest 170: title="">XMLHttpRequest</code> Object</a>
171:
1.168 avankest 172: <li><a href="#exceptions"><span class=secno>4.2 </span>Exceptions for
1.33 avankest 173: the <code title="">XMLHttpRequest</code> Object</a>
1.11 avankest 174: </ul>
1.2 avankest 175:
1.31 avankest 176: <li class=no-num><a href="#notcovered">Not in this Specification</a>
177:
1.25 avankest 178: <li class=no-num><a href="#bibref">References</a>
1.2 avankest 179:
1.131 avankest 180: <li class=no-num><a href="#acknowledgments">Acknowledgments</a>
1.2 avankest 181: </ul>
182: <!--end-toc-->
183:
1.25 avankest 184: <h2 id=introduction><span class=secno>1. </span>Introduction</h2>
1.2 avankest 185:
186: <p><em>This section is non-normative.</em>
187:
1.60 avankest 188: <p>The <code><a href="#xmlhttprequest-object">XMLHttpRequest</a></code>
189: object implements an interface exposed by a scripting engine that allows
190: scripts to perform HTTP client functionality, such as submitting form data
191: or loading data from a server.
1.2 avankest 192:
193: <p>The name of the object is <code><a
1.60 avankest 194: href="#xmlhttprequest-object">XMLHttpRequest</a></code> for compatibility
1.128 avankest 195: with the Web, though each component of this name is potentially
1.60 avankest 196: misleading. First, the object supports any text based format, including
197: XML. Second, it can be used to make requests over both HTTP and HTTPS
198: (some implementations support protocols in addition to HTTP and HTTPS, but
199: that functionality is not covered by this specification). Finally, it
200: supports "requests" in a broad sense of the term as it pertains to HTTP;
201: namely all activity involved with HTTP requests or responses for the
202: defined HTTP methods.
1.2 avankest 203:
1.25 avankest 204: <div class=example>
1.18 avankest 205: <p>Some simple code to do something with data from an XML document fetched
206: over the network:</p>
207:
1.60 avankest 208: <pre><code>function test(data) {
1.18 avankest 209: // taking care of data
210: }
211:
212: function handler() {
1.118 avankest 213: if(this.readyState == 4 && this.status == 200) {
1.18 avankest 214: // so far so good
1.118 avankest 215: if(this.responseXML != null && this.responseXML.getElementById('test').firstChild.data)
216: // success!
1.18 avankest 217: test(this.responseXML.getElementById('test').firstChild.data);
218: else
219: test(null);
1.118 avankest 220: } else if (this.readyState == 4 && this.status != 200) {
1.18 avankest 221: // fetched the wrong page or network error...
222: test(null);
223: }
224: }
225:
226: var client = new XMLHttpRequest();
227: client.onreadystatechange = handler;
228: client.open("GET", "test.xml");
1.60 avankest 229: client.send();</code></pre>
1.18 avankest 230:
1.58 avankest 231: <p>If you just want to log a message to the server:</p>
1.18 avankest 232:
1.60 avankest 233: <pre><code>function log(message) {
1.18 avankest 234: var client = new XMLHttpRequest();
1.58 avankest 235: client.open("POST", "/log");
1.59 avankest 236: client.setRequestHeader("Content-Type", "text/plain;charset=UTF-8");
1.18 avankest 237: client.send(message);
1.60 avankest 238: }</code></pre>
1.18 avankest 239:
240: <p>Or if you want to check the status of a document on the server:</p>
241:
1.60 avankest 242: <pre><code>function fetchStatus(address) {
1.18 avankest 243: var client = new XMLHttpRequest();
244: client.onreadystatechange = function() {
245: // in case of network errors this might not give reliable results
246: if(this.readyState == 4)
247: returnStatus(this.status);
248: }
249: client.open("HEAD", address);
250: client.send();
1.60 avankest 251: }</code></pre>
1.18 avankest 252: </div>
1.2 avankest 253:
1.154 avankest 254: <h2 id=conformance><span class=secno>2. </span>Conformance</h2>
1.2 avankest 255:
1.29 avankest 256: <p>Everything in this specification is normative except for diagrams,
1.2 avankest 257: examples, notes and sections marked non-normative.
258:
1.25 avankest 259: <p>The key words <em class=ct>must</em>, <em class=ct>must not</em>, <em
1.75 avankest 260: class=ct>should</em> and <em class=ct>may</em> in this document are to be
261: interpreted as described in RFC 2119. [<cite><a
1.146 avankest 262: href="#ref-rfc2119">RFC2119</a></cite>]
1.2 avankest 263:
264: <p>This specification defines the following classes of products:
265:
266: <dl>
1.75 avankest 267: <dt><dfn id=conforming-user-agent>Conforming user agent</dfn>
1.2 avankest 268:
1.75 avankest 269: <dd>
270: <p>A user agent <em class=ct>must</em> behave as described in this
1.107 avankest 271: specification in order to be considered conformant.</p>
1.75 avankest 272:
1.141 avankest 273: <p>If the user agent is not a conforming XML user agent the <a
274: href="#xml-response-entity-body">XML response entity body</a> <em
275: class=ct>must</em> (always) be <code>null</code>.</p>
276:
277: <p>User agents <em class=ct>may</em> implement algorithms given in this
278: specification in any way desired, so long as the end result is
279: indistinguishable from the result that would be obtained by the
280: specification's algorithms.</p>
1.2 avankest 281:
1.96 avankest 282: <p class=note>This specification uses both the terms "conforming user
283: agent(s)" and "user agent(s)" to refer to this product class.</p>
284:
1.95 avankest 285: <dt><dfn id=conforming-xml-user-agent>Conforming XML user agent</dfn>
286:
287: <dd>
1.164 avankest 288: <p>An XML user agent <em class=ct>must</em> be a <a
289: href="#conforming-user-agent">conforming user agent</a> and <em
290: class=ct>must</em> be a conforming XML processor that reports violations
291: of namespace well-formedness. [<cite><a href="#ref-xml">XML</a></cite>]
292: [<cite><a href="#ref-xmlns">XMLNS</a></cite>]
1.2 avankest 293: </dl>
294:
1.168 avankest 295: <h3 id=dependencies><span class=secno>2.1 </span>Dependencies</h3>
1.2 avankest 296:
1.31 avankest 297: <p>This specification relies on several underlying specifications.
1.2 avankest 298:
1.31 avankest 299: <dl>
300: <dt>DOM
1.2 avankest 301:
1.31 avankest 302: <dd>
1.127 avankest 303: <p>A <a href="#conforming-user-agent" title="conforming user
304: agent">conforming user agent</a> <em class=ct>must</em> support some
1.151 avankest 305: subset of the functionality defined in DOM Events and DOM Core that this
306: specification relies upon. [<cite><a
1.156 avankest 307: href="#ref-dom2events">DOM2Events</a></cite>] [<cite><a
308: href="#ref-dom3core">DOM3Core</a></cite>]
1.2 avankest 309:
1.162 avankest 310: <dt>HTML 5
311:
312: <dd>
313: <p>This specification depends on HTML 5 for defining the
314: <code>Window</code> object and finding the character encoding of a
315: <code>text/html</code> resource. A <a
316: href="#conforming-user-agent">conforming user agent</a> <em
317: class=ct>must</em> support these features. [<cite><a
318: href="#ref-html5">HTML5</a></cite>]</p>
319:
320: <p class=note>The <a
321: href="http://www.w3.org/TR/2006/WD-Window-20060407/">Window Object
322: 1.0</a> draft is not referenced normatively as it appears to be no
323: longer maintained and HTML 5 defines the <code>Window</code> object
324: in more detail. This specification already depends on HTML 5 for
325: other reasons so there is not much additional overhead because of this.</p>
326:
1.31 avankest 327: <dt>HTTP
1.11 avankest 328:
1.31 avankest 329: <dd>
1.156 avankest 330: <p>A <a href="#conforming-user-agent">conforming user agent</a> <em
331: class=ct>must</em> support some version of the HTTP protocol. It <em
332: class=ct>should</em> support any HTTP method that matches the <a
333: href="#method"><code>Method</code> production</a> and <em
334: class=ct>must</em> at least support the following methods:</p>
1.81 avankest 335:
1.60 avankest 336: <ul>
337: <li><code>GET</code>
338:
339: <li><code>POST</code>
340:
341: <li><code>HEAD</code>
342:
343: <li><code>PUT</code>
344:
345: <li><code>DELETE</code>
346:
347: <li><code>OPTIONS</code>
348: </ul>
349:
350: <p>Other requirements regarding HTTP are made throughout the
1.146 avankest 351: specification. [<cite><a href="#ref-rfc2616">RFC2616</a></cite>]</p>
1.31 avankest 352: </dl>
1.2 avankest 353:
1.168 avankest 354: <h3 id=terminology><span class=secno>2.2 </span>Terminology</h3>
1.81 avankest 355:
356: <p>There is a <dfn id=case-insensitive-match>case-insensitive match</dfn>
1.154 avankest 357: of strings <var>s1</var> and <var>s2</var> if after mapping the ASCII
358: character range A-Z to the range a-z both strings are identical.
1.2 avankest 359:
1.142 avankest 360: <p>Two URIs are <dfn id=same-origin>same-origin</dfn> if after performing
361: scheme-based normalization on both URIs as described in section 5.3.3 of
1.146 avankest 362: RFC 3987 the scheme, ihost and port components are identical. If either
1.154 avankest 363: URI does not have an ihost component the URIs <em class=ct>must not</em>
364: be considered same-origin. [<cite><a
1.148 avankest 365: href="#ref-rfc3987">RFC3987</a></cite>]
1.142 avankest 366:
1.158 avankest 367: <p>The terms <dfn id=origin>origin</dfn> and <dfn
368: id=event-handler-attribute>event handler DOM attribute</dfn> are defined
369: by the HTML 5 specification. [<cite><a
370: href="#ref-html5">HTML5</a></cite>]
1.156 avankest 371:
1.168 avankest 372: <h3 id=extensibility><span class=secno>2.3 </span>Extensibility</h3>
1.2 avankest 373:
1.82 avankest 374: <p>Extensions of the API defined by this specification are <em>strongly
1.31 avankest 375: discouraged</em>. User agents, Working Groups and other interested parties
1.35 avankest 376: should discuss extensions on a relevant public forum, preferably <a
1.31 avankest 377: href="mailto:public-webapi@w3.org">public-webapi@w3.org</a>.
1.2 avankest 378:
1.154 avankest 379: <h2 id=security><span class=secno>3. </span>Security Considerations</h2>
380:
1.155 avankest 381: <p>Apart from requirements affecting security made throughout this
382: specification implementations <em class=ct>may</em>, at their discretion,
1.159 avankest 383: not expose certain headers, such as HttpOnly cookies.
1.154 avankest 384:
385: <h2 id=xmlhttprequest><span class=secno>4. </span>The <code
1.16 avankest 386: title="">XMLHttpRequest</code> Object</h2>
1.2 avankest 387:
1.60 avankest 388: <p>The <code><a href="#xmlhttprequest-object">XMLHttpRequest</a></code>
389: object can be used by scripts to programmatically connect to their
390: originating server via HTTP.
1.2 avankest 391:
392: <p>Objects implementing the <code><a
1.60 avankest 393: href="#xmlhttprequest-object">XMLHttpRequest</a></code> interface <em
394: class=ct>must</em> also implement the <code>EventTarget</code> interface.
1.156 avankest 395: [<cite><a href="#ref-dom2events">DOM2Events</a></cite>]
1.60 avankest 396:
397: <p>Objects implementing the <code title="">Window</code> interface <em
398: class=ct>must</em> provide an <code title="">XMLHttpRequest()</code>
1.156 avankest 399: constructor. [<cite><a href="#ref-html5">HTML5</a></cite>]
1.2 avankest 400:
1.25 avankest 401: <div class=example>
1.60 avankest 402: <p>In ECMAScript this can be used as follows:</p>
1.118 avankest 403:
1.60 avankest 404: <pre><code>var client = new XMLHttpRequest();</code></pre>
1.1 avankest 405: </div>
1.2 avankest 406:
1.60 avankest 407: <p>When the <code title="">XMLHttpRequest()</code> constructor is invoked a
1.158 avankest 408: persistent pointer to the associated <code title="">Document</code> object
409: is stored on the newly created object. This is the <dfn
410: id=document-pointer title="Document pointer"><code>Document</code>
411: pointer</dfn>. The associated <code>Document</code> object is the one
412: returned by the <code>document</code> attribute from the object on which
413: the <code title="">XMLHttpRequest()</code> constructor was invoked (a
414: <code>Window</code> object). The pointer can become "null" if the object
415: is destroyed.
416:
417: <p class=note>As per the conformance criteria implementations are free to
418: implement this in any way they desire as long as the end results are
419: identical to those given by the English prose.
1.2 avankest 420:
1.60 avankest 421: <div class=example>
1.158 avankest 422: <p>If <var><code>iframe</code></var> is a <code title="">Window</code>
423: object <var><code>client</code></var> will have a pointer to
424: <var><code>iframe.document</code></var> in the following example:</p>
1.60 avankest 425:
1.158 avankest 426: <pre><code>var client = new iframe.XMLHttpRequest()</code></pre>
1.60 avankest 427: </div>
1.11 avankest 428:
1.60 avankest 429: <pre
430: class=idl>interface <dfn id=xmlhttprequest-object>XMLHttpRequest</dfn> {
431: // event handler
1.132 avankest 432: attribute EventListener <a href="#onreadystatechange">onreadystatechange</a>;
1.60 avankest 433:
434: // state
1.135 avankest 435: const unsigned short <a href="#unsent-state" title="UNSENT state">UNSENT</a> = 0;
436: const unsigned short <a href="#opened-state" title="OPENED state">OPENED</a> = 1;
1.132 avankest 437: const unsigned short <a href="#headers-received-state" title="HEADERS_RECEIVED state">HEADERS_RECEIVED</a> = 2;
438: const unsigned short <a href="#loading-state" title="LOADING state">LOADING</a> = 3;
439: const unsigned short <a href="#done-state" title="DONE state">DONE</a> = 4;
440: readonly attribute unsigned short <a href="#readystate">readyState</a>;
1.60 avankest 441:
442: // request
1.132 avankest 443: void <a href="#open">open</a>(in DOMString <var>method</var>, in DOMString <var>url</var>);
444: void <a href="#open">open</a>(in DOMString <var>method</var>, in DOMString <var>url</var>, in boolean <var>async</var>);
445: void <a href="#open">open</a>(in DOMString <var>method</var>, in DOMString <var>url</var>, in boolean <var>async</var>, in DOMString <var>user</var>);
446: void <a href="#open">open</a>(in DOMString <var>method</var>, in DOMString <var>url</var>, in boolean <var>async</var>, in DOMString <var>user</var>, in DOMString <var>password</var>);
447: void <a href="#setrequestheader">setRequestHeader</a>(in DOMString <var>header</var>, in DOMString <var>value</var>);
448: void <a href="#send">send</a>();
449: void <a href="#send">send</a>(in DOMString <var>data</var>);
450: void <a href="#send">send</a>(in Document <var>data</var>);
451: void <a href="#abort">abort</a>();
1.60 avankest 452:
453: // response
1.132 avankest 454: DOMString <a href="#getallresponseheaders">getAllResponseHeaders</a>();
455: DOMString <a href="#getresponseheader">getResponseHeader</a>(in DOMString <var>header</var>);
456: readonly attribute DOMString <a href="#responsetext">responseText</a>;
457: readonly attribute Document <a href="#responsexml">responseXML</a>;
458: readonly attribute unsigned short <a href="#status">status</a>;
459: readonly attribute DOMString <a href="#statustext">statusText</a>;
1.5 avankest 460: };</pre>
1.2 avankest 461:
1.60 avankest 462: <p>The <code><a href="#xmlhttprequest-object">XMLHttpRequest</a></code>
1.135 avankest 463: object can be in five states: <a href="#unsent-state" title="UNSENT
464: state">UNSENT</a>, <a href="#opened-state" title="OPENED
465: state">OPENED</a>, <a href="#headers-received-state"
466: title="HEADERS_RECEIVED state">HEADERS_RECEIVED</a>, <a
467: href="#loading-state" title="LOADING state">LOADING</a> and <a
468: href="#done-state" title="DONE state">DONE</a>. The current state is
469: exposed through the <code><a href="#readystate">readyState</a></code>
470: attribute. The method definitions below define when a state transition
471: takes place.
1.60 avankest 472:
473: <p>When constructed, the <code><a
474: href="#xmlhttprequest-object">XMLHttpRequest</a></code> object <em
1.72 avankest 475: class=ct>must</em> be in the UNSENT state. This state is represented by
1.135 avankest 476: the <dfn id=unsent-state title="UNSENT state"><code>UNSENT</code></dfn>
1.72 avankest 477: constant, whose value is <code>0</code>.
1.60 avankest 478:
1.135 avankest 479: <p>The OPENED state is the state of the object when the <code><a
1.132 avankest 480: href="#open">open()</a></code> method has been successfully invoked.
1.93 avankest 481: During this state request headers can be set using <code><a
1.132 avankest 482: href="#setrequestheader">setRequestHeader()</a></code> and the request can
483: be made using <code><a href="#send">send()</a></code>. This state is
1.135 avankest 484: represented by the <dfn id=opened-state title="OPENED
485: state"><code>OPENED</code></dfn> constant, whose value is <code>1</code>.
1.60 avankest 486:
1.135 avankest 487: <p>The OPENED state has an associated <dfn id=send-flag><code>send()</code>
1.175 ! avankest 488: flag</dfn> which indicates whether the <code><a
! 489: href="#send">send()</a></code> method has been invoked. It can be either
! 490: "true" or "false" and has an initial value of "false".
1.88 avankest 491:
1.124 avankest 492: <p>The HEADERS_RECEIVED state is the state of the object when all response
493: headers have been received. This state is represented by the <dfn
1.132 avankest 494: id=headers-received-state title="HEADERS_RECEIVED
1.124 avankest 495: state"><code>HEADERS_RECEIVED</code></dfn> constant, whose value is
496: <code>2</code>.
497:
498: <p>The LOADING state is the state of the object when the response entity
1.132 avankest 499: body is being received. This state is represented by the <dfn
500: id=loading-state title="LOADING state"><code>LOADING</code></dfn>
501: constant, whose value is <code>3</code>.
1.60 avankest 502:
1.80 avankest 503: <p>The DONE state is the state of the object when either the data transfer
504: has been completed or something went wrong during the transfer (infinite
1.132 avankest 505: redirects for instance). This state is represented by the <dfn
506: id=done-state title="DONE state"><code>DONE</code></dfn> constant, whose
507: value is <code>4</code>.
1.60 avankest 508:
1.125 avankest 509: <p>The DONE state has an associated <dfn id=error-flag>error flag</dfn>
1.175 ! avankest 510: which indicates some type of network error or abortion. It can be either
! 511: "true" or "false" and has an initial value of "false".
1.125 avankest 512:
1.89 avankest 513: <p>The <dfn id=response-entity-body>response entity body</dfn> is the
1.132 avankest 514: fragment of the <a href="#entity-body">entity body</a> received so far
1.89 avankest 515: (LOADING state) or the complete entity body (DONE state). If there is no
516: entity body the response entity body is "null".
517:
518: <p>The <dfn id=text-response-entity-body>text response entity body</dfn> is
1.170 avankest 519: a <code>DOMString</code> representing the <a
520: href="#response-entity-body">response entity body</a>. The text response
521: entity body is the return value of the following algorithm:
1.89 avankest 522:
523: <ol>
1.91 avankest 524: <li>
1.168 avankest 525: <p>If the response entity body is "null" return the empty string and
1.108 avankest 526: terminate these steps.</p>
1.91 avankest 527:
528: <li>
1.114 avankest 529: <p>Let <var>charset</var> be "null".
1.112 avankest 530:
531: <li>
1.91 avankest 532: <p>If there is no <code>Content-Type</code> header or there is a
533: <code>Content-Type</code> header which contains a MIME type that is
1.117 avankest 534: <code>text/xml</code>, <code>application/xml</code> or ends in <code
535: title="">+xml</code> (ignoring any parameters) use the rules set forth
1.127 avankest 536: in the XML specifications to determine the character encoding. Let
1.117 avankest 537: <var>charset</var> be the determined character encoding.
1.91 avankest 538:
539: <li>
1.128 avankest 540: <p>If there is a <code>Content-Type</code> header which contains a
1.146 avankest 541: <code>text/html</code> MIME type follow the rules set forth in the
542: HTML 5 specification to determine the character encoding. Let
1.143 avankest 543: <var>charset</var> be the determined character encoding. [<cite><a
1.146 avankest 544: href="#ref-html5">HTML5</a></cite>]
1.119 avankest 545:
546: <li>
1.141 avankest 547: <p>If the MIME type specified by the <code>Content-Type</code> header
548: contains a <code>charset</code> parameter and <var>charset</var> is
549: "null" let <var>charset</var> be the value of that parameter.</p>
1.116 avankest 550:
1.119 avankest 551: <p class=note>The algorithms described by the XML and HTML specifications
552: already take <code>Content-Type</code> into account.</p>
1.112 avankest 553:
554: <li> <!-- This stuff is copied from HTML5. Thanks Hixie! -->
1.114 avankest 555: <p>If <var>charset</var> is "null" then, for each of the rows in the
556: following table, starting with the first one and going down, if the
1.128 avankest 557: first bytes of <var>bytes</var> match the bytes given in the first
558: column, then let <var>charset</var> be the encoding given in the cell in
559: the second column of that row. If there is no match <var>charset</var>
560: remains "null".</p>
1.112 avankest 561:
562: <table>
563: <thead>
564: <tr>
565: <th>Bytes in Hexadecimal
566:
567: <th>Description
568:
569: <tbody>
570: <tr>
571: <td>00 00 FE FF
572:
573: <td>UTF-32BE BOM
574:
575: <tr>
576: <td>FF FE 00 00
577:
578: <td>UTF-32LE BOM
579:
580: <tr>
581: <td>FE FF
582:
583: <td>UTF-16BE BOM
584:
585: <tr>
586: <td>FF FE
587:
588: <td>UTF-16LE BOM
589:
590: <tr>
591: <td>EF BB BF
592:
1.118 avankest 593: <td>UTF-8 BOM<!-- nobody uses this
594: <tr>
595: <td>DD 73 66 73
596: <td>UTF-EBCDIC
1.112 avankest 597: -->
598:
599: </table>
600:
601: <li>
1.114 avankest 602: <p>If <var>charset</var> is "null" let <var>charset</var> be UTF-8.
1.91 avankest 603:
604: <li>
1.108 avankest 605: <p>Return the result of decoding the response entity body using
1.168 avankest 606: <var>charset</var>. Replace bytes or sequences of bytes that are not
1.174 avankest 607: valid according to the <var>charset</var> with a single U+FFFD
608: character.
1.89 avankest 609: </ol>
610:
1.164 avankest 611: <p class=note>Authors are encouraged to simply encode their resources using
612: UTF-8.
613:
1.108 avankest 614: <p>The <dfn id=xml-response-entity-body>XML response entity body</dfn> is
615: either a <code>Document</code> representing the <a
1.127 avankest 616: href="#response-entity-body">response entity body</a> or
617: <code>null</code>. The XML response entity body is the return value of the
618: following algorithm:
1.89 avankest 619:
620: <ol>
1.91 avankest 621: <li>
1.108 avankest 622: <p>If the response entity body is "null" terminate these steps and return
623: <code>null</code>.
1.89 avankest 624:
625: <li>
1.104 avankest 626: <p>If a <code>Content-Type</code> is present and it does not contain a
627: MIME type (ignoring any parameters) that is <code>text/xml</code>,
1.117 avankest 628: <code>application/xml</code> or ends in <code title="">+xml</code>
629: terminate these steps and return <code>null</code>. (Do not terminate
630: these steps if there is no <code>Content-Type</code> header at all.)
1.89 avankest 631:
632: <li>
1.129 avankest 633: <p>Parse the response entity body into a document tree following the
634: rules from the XML specifications. Let the result be <var>parsed
635: document</var>. If this fails (unsupported character encoding, namespace
636: well-formedness error et cetera) terminate these steps return
637: <code>null</code>. [<cite><a href="#ref-xml">XML</a></cite>] [<cite><a
638: href="#ref-xmlns">XMLNS</a></cite>]</p>
639:
640: <p class=note>Scripts in the resulting document tree will not be
641: executed, resources referenced will not be loaded and no associated XSLT
642: will be applied.</p>
1.89 avankest 643:
644: <li>
1.97 avankest 645: <p>Return an object implementing the <code>Document</code> interface
646: representing the <var>parsed document</var>.
1.89 avankest 647: </ol>
648:
1.6 avankest 649: <dl>
1.132 avankest 650: <dt><dfn id=onreadystatechange><code>onreadystatechange</code></dfn> of
1.158 avankest 651: type <code>EventListener</code>
1.2 avankest 652:
653: <dd>
1.158 avankest 654: <p>This attribute is an <a href="#event-handler-attribute">event handler
655: DOM attribute</a> and <em class=ct>must</em> be invoked whenever a
656: <code><a href="#readystatechange">readystatechange</a></code> event is
1.174 avankest 657: targeted at the object.
1.2 avankest 658:
1.132 avankest 659: <dt><dfn id=readystate><code>readyState</code></dfn> of type
1.2 avankest 660: <code>unsigned short</code>, readonly
661:
662: <dd>
1.151 avankest 663: <p>On getting the attribute <em class=ct>must</em> return the value of
664: the constant corresponding to the object's current state.
1.2 avankest 665:
1.132 avankest 666: <dt><dfn id=open title=open><code>open(<var>method</var>, <var>url</var>,
667: <var>async</var>, <var>user</var>, <var>password</var>)</code></dfn>,
668: method
1.2 avankest 669:
1.60 avankest 670: <dd>
671: <p>When invoked, the user agent <em class=ct>must</em> follow the
1.97 avankest 672: following steps (unless otherwise indicated):</p>
1.2 avankest 673:
1.60 avankest 674: <ol>
675: <li>
1.157 avankest 676: <p>Let <var>stored method</var> be the <var>method</var> argument.
677:
678: <li>
679: <p>If <var>stored method</var> does not match the <dfn
680: id=method><code>Method</code> production</dfn>, defined in section
681: 5.1.1 of RFC 2616, raise a <code>SYNTAX_ERR</code> exception and
1.146 avankest 682: terminate these steps. [<cite><a
683: href="#ref-rfc2616">RFC2616</a></cite>]
1.2 avankest 684:
1.60 avankest 685: <li>
1.157 avankest 686: <p>If <var>stored method</var> <a href="#case-insensitive-match"
687: title="case-insensitive match">case-insensitively matches</a>
688: <code>CONNECT</code>, <code>DELETE</code>, <code>GET</code>,
689: <code>HEAD</code>, <code>OPTIONS</code> <code>POST</code>,
690: <code>PUT</code>, <code>TRACE</code>, or <code>TRACK</code> let
691: <var>stored method</var> be the canonical uppercase form of the
692: matched method name.
693: </li>
694: <!-- WebKit (and supposedly Firefox) also uppercase: COPY, INDEX, LOCK,
695: M-POST, MKCOL, MOVE, PROPFIND, PROPPATCH, and UNLOCK. -->
696:
697: <li>
698: <p>If <var>stored method</var> is one of <code>CONNECT</code>,
699: <code>TRACE</code>, or <code>TRACK</code> the user agent <em
700: class=ct>should</em> raise a <code><a
1.139 avankest 701: href="#security-err">SECURITY_ERR</a></code> exception and terminate
702: these steps.
1.2 avankest 703:
1.60 avankest 704: <li>
705: <p>Drop the fragment identifier (if any) from <var>url</var> and let
706: <var>stored url</var> be the result of that operation.
1.2 avankest 707:
1.60 avankest 708: <li>
1.97 avankest 709: <p>If <var>stored url</var> is a relative reference resolve it using
1.158 avankest 710: the current value of the <code>baseURI</code> attribute of the <a
711: href="#document-pointer"><code>Document</code> pointer</a>. If this
712: fails raise a <code>SYNTAX_ERR</code> exception and terminate these
713: steps.
1.2 avankest 714:
1.60 avankest 715: <li>
1.102 avankest 716: <p>If <var>stored url</var> contains an unsupported scheme raise a
717: <code>NOT_SUPPORTED_ERR</code> and terminate these steps.
718:
719: <li>
1.60 avankest 720: <p>If the <code>"user:password"</code> format in the
721: <code>userinfo</code> production defined in section 3.2.1 of RFC 3986
722: is not supported for the relevant scheme and <var>stored url</var>
1.99 avankest 723: contains this format raise a <code>SYNTAX_ERR</code> and terminate
724: these steps. [<cite><a href="#ref-rfc3986">RFC3986</a></cite>]
1.2 avankest 725:
1.60 avankest 726: <li>
727: <p>If <var>stored url</var> contains the <code>"user:password"</code>
728: format let <var>stored user</var> be the user part and <var>stored
729: password</var> be the password part.
1.2 avankest 730:
1.60 avankest 731: <li>
732: <p>If <var>stored url</var> just contains the <code>"user"</code>
733: format let <var>stored user</var> be the user part.
1.24 avankest 734:
1.60 avankest 735: <li>
1.142 avankest 736: <p>If <var>stored url</var> is not of the <a
1.158 avankest 737: href="#same-origin">same-origin</a> as the <a
738: href="#origin">origin</a> of the <a
739: href="#document-pointer"><code>Document</code> pointer</a> the user
740: agent <em class=ct>should</em> raise a <code><a
1.148 avankest 741: href="#security-err">SECURITY_ERR</a></code> exception and terminate
1.158 avankest 742: these steps.
1.70 avankest 743:
1.60 avankest 744: <li>
745: <p>Let <var>async</var> be the value of the <var>async</var> argument
1.103 avankest 746: or <code>true</code> if it was omitted.
1.60 avankest 747:
748: <li>
1.127 avankest 749: <p>If the <var>user</var> argument was not omitted, and its syntax does
750: not match that specified by the relevant authentication scheme, raise
751: a <code>SYNTAX_ERR</code> exception and terminate these steps.
1.60 avankest 752:
753: <li>
754: <p>If the <var>user</var> argument was not omitted and is not
755: <code>null</code> let <var>stored user</var> be <var>user</var>
756: encoded using the encoding specified in the relevant authentication
757: scheme or UTF-8 if the scheme fails to specify an encoding.</p>
1.2 avankest 758:
1.60 avankest 759: <p class=note>This step overrides any user that may have been set by
760: the <var>url</var> argument.</p>
1.17 avankest 761:
1.60 avankest 762: <li>
763: <p>If the <var>user</var> argument was not omitted and is
764: <code>null</code> remove <var>stored user</var>.
1.17 avankest 765:
1.60 avankest 766: <li>
767: <p>If the <var>password</var> argument was not omitted and its syntax
768: does not match that specified by the relevant authentication scheme
1.99 avankest 769: raise a <code>SYNTAX_ERR</code> exception and terminate these steps.
1.17 avankest 770:
1.60 avankest 771: <li>
772: <p>If the <var>password</var> argument was not omitted and is not
773: <code>null</code> let <var>stored password</var> be
774: <var>password</var> encoded using the encoding specified in the
775: relevant authentication scheme or UTF-8 if the scheme fails to specify
776: an encoding.
1.17 avankest 777:
1.60 avankest 778: <li>
779: <p>If the <var>password</var> argument was not omitted and is
780: <code>null</code> remove <var>stored password</var>.
1.17 avankest 781:
1.60 avankest 782: <li>
1.109 avankest 783: <p><a href="#abort-send-algorithm" title="abort send()">Abort the
784: <code>send()</code> algorithm</a>, set <a
785: href="#response-entity-body">response entity body</a> to "null" and
786: reset the list of request headers.
1.17 avankest 787:
1.60 avankest 788: <p>
1.44 avankest 789:
1.60 avankest 790: <li>
1.109 avankest 791: <p>The user agent <em class=ct>should</em> cancel any network activity
792: for which the object is responsible.
1.60 avankest 793: </li>
794: <!-- we can hardly require it... -->
1.22 avankest 795:
1.60 avankest 796: <li>
1.135 avankest 797: <p>Switch the object to the <a href="#opened-state" title="OPENED
798: state">OPENED</a> state, set the <a
1.132 avankest 799: href="#send-flag"><code>send()</code> flag</a> to "false" and then
800: synchronously dispatch a <code><a
801: href="#readystatechange">readystatechange</a></code> event on the
1.97 avankest 802: object and return the method call.
1.60 avankest 803: </ol>
1.24 avankest 804:
1.25 avankest 805: <p class=note>A future version or extension of this specification will
1.35 avankest 806: most likely define a way of doing cross-site requests.</p>
1.26 avankest 807:
1.132 avankest 808: <dt><dfn id=setrequestheader
1.25 avankest 809: title=setrequestheader><code>setRequestHeader(<var>header</var>,
1.18 avankest 810: <var>value</var>)</code></dfn>, method
1.6 avankest 811:
812: <dd>
1.164 avankest 813: <p>Each request has a list of request headers with associated values. The
814: <code><a href="#setrequestheader">setRequestHeader()</a></code> method
815: can be used to manipulate those values and set new request headers.</p>
816:
817: <p class=note>The <code><a
818: href="#setrequestheader">setRequestHeader()</a></code> method appends a
819: value if the HTTP header given as argument is already part of the list
820: of request headers.</p>
1.47 avankest 821:
1.60 avankest 822: <p>When invoked, the user agent <em class=ct>must</em> follow the
1.97 avankest 823: following steps (unless otherwise indicated):</p>
1.60 avankest 824:
825: <ol>
826: <li>
1.135 avankest 827: <p>If the state of the object is not <a href="#opened-state"
828: title="OPENED state">OPENED</a> raise an
829: <code>INVALID_STATE_ERR</code> exception and terminate these steps.
1.6 avankest 830:
1.60 avankest 831: <li>
1.104 avankest 832: <p>If the <a href="#send-flag"><code>send()</code> flag</a> is "true"
1.99 avankest 833: raise an <code>INVALID_STATE_ERR</code> exception and terminate these
1.97 avankest 834: steps.
1.60 avankest 835:
836: <li>
1.98 avankest 837: <p>If the <var>header</var> argument does not match the <dfn
1.60 avankest 838: id=field-name><code>field-name</code> production</dfn> as defined by
1.97 avankest 839: section 4.2 of RFC 2616 or is <code>null</code> raise a
1.99 avankest 840: <code>SYNTAX_ERR</code> exception and terminate these steps. [<cite><a
1.146 avankest 841: href="#ref-rfc2616">RFC2616</a></cite>]
1.71 avankest 842:
843: <li>
1.99 avankest 844: <p>If the <var>value</var> argument is <code>null</code> terminate
845: these steps. (Do not raise an exception.)
1.71 avankest 846: </li>
847: <!-- undefined is to be treated as null here... -->
1.60 avankest 848:
849: <li>
1.98 avankest 850: <p>If the <var>value</var> argument does not match the <dfn
1.60 avankest 851: id=field-value><code>field-value</code> production</dfn> as defined by
1.99 avankest 852: section 4.2 of RFC 2616 raise a <code>SYNTAX_ERR</code> and terminate
1.146 avankest 853: these steps. [<cite><a href="#ref-rfc2616">RFC2616</a></cite>]
1.60 avankest 854:
855: <li>
1.133 avankest 856: <p>For security reasons, these steps <em class=ct>should</em> be
1.99 avankest 857: terminated if the <var>header</var> argument <a
858: href="#case-insensitive-match" title="case-insensitive
859: match">case-insensitively matches</a> one of the following headers:</p>
1.34 avankest 860:
861: <ul>
862: <li><code>Accept-Charset</code>
863:
864: <li><code>Accept-Encoding</code>
865:
1.69 avankest 866: <li><code>Connection</code>
867:
1.34 avankest 868: <li><code>Content-Length</code>
869:
1.69 avankest 870: <li><code>Content-Transfer-Encoding</code>
871:
872: <li><code>Date</code>
873:
1.34 avankest 874: <li><code>Expect</code>
875:
876: <li><code>Host</code>
877:
878: <li><code>Keep-Alive</code>
879:
880: <li><code>Referer</code>
881:
882: <li><code>TE</code>
883:
884: <li><code>Trailer</code>
885:
886: <li><code>Transfer-Encoding</code>
887:
888: <li><code>Upgrade</code>
1.69 avankest 889:
890: <li><code>Via</code>
1.34 avankest 891: </ul>
1.6 avankest 892:
1.60 avankest 893: <li>
1.133 avankest 894: <p>Also for security reasons, these steps <em class=ct>should</em> be
1.169 avankest 895: terminated if the start of the <var>header</var> argument <a
896: href="#case-insensitive-match" title="case-insensitive
897: match">case-insensitively matches</a> <code>Proxy-</code> or
898: <code>Sec-</code>.
1.133 avankest 899:
900: <li>
1.60 avankest 901: <p>If the <var>header</var> argument is not in the list of request
1.97 avankest 902: headers append the <var>header</var> with its associated
1.99 avankest 903: <var>value</var> to the list and terminate these steps.
1.46 avankest 904:
1.60 avankest 905: <li>
906: <p>If the <var>header</var> argument is in the list of request headers
1.97 avankest 907: either use multiple headers, combine the values or use a combination
908: of those (section 4.2, RFC 2616). [<cite><a
1.146 avankest 909: href="#ref-rfc2616">RFC2616</a></cite>]
1.97 avankest 910: </li>
911: <!-- XXX it seems UAs always combine the values -->
1.60 avankest 912: </ol>
1.18 avankest 913:
1.132 avankest 914: <p class=note>See also the <code><a href="#send">send()</a></code> method
915: regarding user agent header handling for caching, authentication,
1.47 avankest 916: proxies, and cookies.</p>
917:
1.25 avankest 918: <div class=example>
1.60 avankest 919: <pre><code>// The following script:
1.18 avankest 920: var client = new XMLHttpRequest();
921: client.open('GET', 'demo.cgi');
922: client.setRequestHeader('X-Test', 'one');
923: client.setRequestHeader('X-Test', 'two');
924: client.send();
925:
926: // ...would result in the following header being sent:
927: ...
928: X-Test: one, two
1.60 avankest 929: ...</code></pre>
1.18 avankest 930: </div>
1.6 avankest 931:
1.132 avankest 932: <dt><dfn id=send title=send><code>send(<var>data</var>)</code></dfn>,
1.25 avankest 933: method
1.2 avankest 934:
935: <dd>
1.132 avankest 936: <p>The <code><a href="#send">send()</a></code> method initiates the
1.107 avankest 937: request and its optional argument provides the <a
1.164 avankest 938: href="#entity-body">entity body</a>.</p>
939:
940: <p class=note>Authors are encouraged to ensure that they have specified
941: the <code>Content-Type</code> header via <code><a
942: href="#setrequestheader">setRequestHeader()</a></code> before invoking
943: <code><a href="#send">send()</a></code> with a non-<code>null</code>
944: <var>data</var> argument.</p>
1.60 avankest 945:
946: <p>When invoked, the user agent <em class=ct>must</em> follow the
1.109 avankest 947: following steps (unless otherwise noted). Note that this algorithm might
1.132 avankest 948: get aborted if the <code><a href="#open">open()</a></code> or <code><a
949: href="#abort">abort()</a></code> method is invoked. When the <dfn
950: id=abort-send-algorithm title="abort send()"><code>send()</code>
951: algorithm is aborted</dfn> the user agent <em class=ct>must</em>
952: terminate the algorithm after finishing the step it is on.</p>
1.109 avankest 953:
954: <p class=note>The following algorithm can not be aborted through script
955: when <var>async</var> is <code>false</code>. It can only be aborted when
956: <var>async</var> is <code>true</code> and only after the method call has
957: returned.</p>
1.60 avankest 958:
959: <ol>
960: <li>
1.135 avankest 961: <p>If the state of the object is not <a href="#opened-state"
962: title="OPENED state">OPENED</a> raise an
963: <code>INVALID_STATE_ERR</code> exception and terminate these steps.
1.60 avankest 964:
965: <li>
1.104 avankest 966: <p>If the <a href="#send-flag"><code>send()</code> flag</a> is "true"
1.99 avankest 967: raise an <code>INVALID_STATE_ERR</code> exception and terminate these
1.97 avankest 968: steps.
1.60 avankest 969:
970: <li>
1.104 avankest 971: <p>If <var>async</var> is <code>true</code> set the <a
972: href="#send-flag"><code>send()</code> flag</a> to "true".
1.103 avankest 973:
974: <li>
1.167 avankest 975: <p>If <var>stored method</var> is <code>GET</code> act as if the
976: <var>data</var> argument is <code>null</code>.</p>
977:
1.60 avankest 978: <p>If the <var>data</var> argument has not been omitted and is not
1.132 avankest 979: <code>null</code> use it for the <dfn id=entity-body>entity body</dfn>
980: as defined by section 7.2 of RFC 2616 observing the following rules:
1.146 avankest 981: [<cite><a href="#ref-rfc2616">RFC2616</a></cite>]</p>
1.60 avankest 982:
1.120 avankest 983: <dl class=switch>
1.60 avankest 984: <dt><var>data</var> is a <code>DOMString</code>
985:
1.79 avankest 986: <dd>
1.164 avankest 987: <p>Encode <var>data</var> using UTF-8 for transmission.</p>
988:
1.165 avankest 989: <p>If a <code>Content-Type</code> header is set using <code><a
990: href="#setrequestheader">setRequestHeader()</a></code> set the
991: <code>charset</code> parameter of that header to <code>UTF-8</code>.</p>
1.60 avankest 992:
993: <dt><var>data</var> is a <code>Document</code>
994:
995: <dd>
1.97 avankest 996: <p>Serialize <var>data</var> into a namespace well-formed XML
997: document and encoded using the encoding given by
1.166 avankest 998: <code><var>data</var>.inputEncoding</code>, when not
999: <code>null</code>, or UTF-8 otherwise. Or, if this fails because the
1000: <code>Document</code> cannot be serialized act as if <var>data</var>
1001: is <code>null</code>.</p>
1002:
1003: <p>If no <code>Content-Type</code> header has been set using <code><a
1004: href="#setrequestheader">setRequestHeader()</a></code> append a
1005: <code>Content-Type</code> header to the list of request headers with
1006: a value of <code>application/xml;charset=<var>charset</var></code>
1007: where <var>charset</var> is the encoding used to encode the
1008: document.</p>
1.60 avankest 1009:
1010: <p class=note>Subsequent changes to the <code>Document</code> have no
1011: effect on what is submitted.</p>
1012:
1013: <dt><var>data</var> is not a <code>DOMString</code> or
1014: <code>Document</code>
1015:
1.79 avankest 1016: <dd>
1.97 avankest 1017: <p>Use the stringification mechanisms of the host language on
1018: <var>data</var> and treat the result as if <var>data</var> is a
1.167 avankest 1019: <code>DOMString</code>. Or, if this fails, act as if the
1020: <var>data</var> argument is <code>null</code>.
1.60 avankest 1021: </dl>
1022:
1.127 avankest 1023: <p>If the <var>data</var> argument has been omitted, or is
1024: <code>null</code>, no entity body is used in the request.</p>
1.60 avankest 1025:
1026: <li>
1.72 avankest 1027: <p>Make a request to <var>stored url</var>, using HTTP method
1028: <var>stored method</var>, user <var>stored user</var> (if provided)
1029: and password <var>stored password</var> (if provided), taking into
1030: account the entity body, list of request headers and the rules listed
1031: directly after this set of steps.
1.60 avankest 1032:
1033: <li>
1.97 avankest 1034: <p>Synchronously dispatch a <code><a
1.132 avankest 1035: href="#readystatechange">readystatechange</a></code> event on the
1.97 avankest 1036: object.</p>
1037:
1038: <p class=note>The state of the object does not change. The event is
1039: dispatched for historical reasons.</p>
1.68 avankest 1040:
1041: <li>
1.103 avankest 1042: <p>If <var>async</var> is <code>true</code> return the <code><a
1.132 avankest 1043: href="#send">send()</a></code> method call. (Do not terminate the
1.103 avankest 1044: steps in the algorithm though.)
1.60 avankest 1045:
1046: <li>
1.124 avankest 1047: <p>While downloading the resource the following rules are to be
1048: observed.</p>
1.119 avankest 1049:
1.120 avankest 1050: <dl class=switch>
1.119 avankest 1051: <dt>If the response is an HTTP redirect
1052:
1053: <dd>
1.146 avankest 1054: <p>If the redirect does not violate security (it is <a
1055: href="#same-origin">same-origin</a> for instance) or infinite loop
1056: precautions and the scheme is supported transparently follow the
1.167 avankest 1057: redirect and go to the start of this step (step 8).</p>
1.119 avankest 1058:
1059: <p class=note>HTTP places requirements on the user agent regarding
1060: the preservation of the request method and entity body during
1061: redirects, and also requires users to be notified of certain kinds
1062: of automatic redirections.</p>
1063: <!-- Arguably HTTP should be fixed for the latter case. No browser
1064: follows that as far as I know. -->
1065:
1066: <p>Otherwise, follow the following set of steps:</p>
1067:
1068: <ol>
1069: <li>
1.125 avankest 1070: <p>Set the <a href="#response-entity-body">response entity body</a>
1071: to "null", the <a href="#error-flag">error flag</a> to "true" and
1072: reset the list of request headers.
1.119 avankest 1073:
1074: <li>
1.132 avankest 1075: <p>Synchronously switch the state to <a href="#done-state"
1076: title="DONE state">DONE</a>.
1.119 avankest 1077:
1078: <li>
1079: <p>If <var>async</var> is set to <code>false</code> raise a
1080: <code><a href="#network-err">NETWORK_ERR</a></code> exception and
1081: terminate the overall algorithm.
1082:
1083: <li>
1084: <p>Synchronously dispatch a <code><a
1.132 avankest 1085: href="#readystatechange">readystatechange</a></code> event on the
1086: object.
1.119 avankest 1087:
1088: <li>
1089: <p>Terminate the overall algorithm.
1090: </ol>
1091:
1092: <p class=note>It is likely that a future version of the <code><a
1093: href="#xmlhttprequest-object">XMLHttpRequest</a></code> object will
1094: dispatch an <code>error</code> event here as well.</p>
1095:
1096: <dt>If the user cancels the download
1097:
1098: <dd>
1099: <p>Run the following set of steps:</p>
1100:
1101: <ol>
1102: <li>
1.125 avankest 1103: <p>Set the <a href="#response-entity-body">response entity body</a>
1104: to "null", the <a href="#error-flag">error flag</a> to "true" and
1105: reset the list of request headers.
1.119 avankest 1106:
1107: <li>
1.132 avankest 1108: <p>Synchronously switch the state to <a href="#done-state"
1109: title="DONE state">DONE</a>.
1.119 avankest 1110:
1111: <li>
1.122 avankest 1112: <p>If <var>async</var> is set to <code>false</code> raise an
1113: <code><a href="#abort-err">ABORT_ERR</a></code> exception and
1.119 avankest 1114: terminate the overall algorithm.
1115:
1116: <li>
1117: <p>Synchronously dispatch a <code><a
1.132 avankest 1118: href="#readystatechange">readystatechange</a></code> event on the
1119: object.
1.119 avankest 1120:
1121: <li>
1122: <p>Terminate the overall algorithm.
1123: </ol>
1124:
1125: <p class=note>It is likely that a future version of the <code><a
1126: href="#xmlhttprequest-object">XMLHttpRequest</a></code> object will
1.122 avankest 1127: dispatch an <code title="">abort</code> event here as well.</p>
1.119 avankest 1128:
1129: <dt>In case of network errors
1.118 avankest 1130:
1.119 avankest 1131: <dd>
1.127 avankest 1132: <p>In case of DNS errors, or other type of network errors, run the
1133: following set of steps. <span class=note>This does not include HTTP
1134: responses that indicate some type of error, such as HTTP status code
1.119 avankest 1135: 410.</span></p>
1136:
1137: <ol>
1138: <li>
1.125 avankest 1139: <p>Set the <a href="#response-entity-body">response entity body</a>
1140: to "null", the <a href="#error-flag">error flag</a> to "true" and
1141: reset the list of request headers.
1.119 avankest 1142:
1143: <li>
1.132 avankest 1144: <p>Synchronously switch the state to <a href="#done-state"
1145: title="DONE state">DONE</a>.
1.119 avankest 1146:
1147: <li>
1148: <p>If <var>async</var> is set to <code>false</code> raise a
1149: <code><a href="#network-err">NETWORK_ERR</a></code> exception and
1150: terminate the overall algorithm.
1151:
1152: <li>
1153: <p>Synchronously dispatch a <code><a
1.132 avankest 1154: href="#readystatechange">readystatechange</a></code> event on the
1155: object.
1.119 avankest 1156:
1157: <li>
1158: <p>Terminate the overall algorithm.
1159: </ol>
1160:
1161: <p class=note>It is likely that a future version of the <code><a
1162: href="#xmlhttprequest-object">XMLHttpRequest</a></code> object will
1163: dispatch an <code>error</code> event here as well.</p>
1164:
1165: <dt>Once all HTTP headers have been received
1.60 avankest 1166:
1.119 avankest 1167: <dd>
1168: <p>If all HTTP headers have been received, before receiving the
1.124 avankest 1169: message body (if any), run the following steps:</p>
1.60 avankest 1170:
1.119 avankest 1171: <ol>
1172: <li>
1.132 avankest 1173: <p>Synchronously switch the state to <a
1174: href="#headers-received-state" title="HEADERS_RECEIVED
1175: state">HEADERS_RECEIVED</a>.
1.119 avankest 1176:
1177: <li>
1178: <p>Synchronously dispatch a <code><a
1.132 avankest 1179: href="#readystatechange">readystatechange</a></code> event on the
1180: object.
1.124 avankest 1181: </ol>
1182:
1183: <dt>Once the first byte (or more) of the response entity body has been
1184: received
1185:
1186: <dt>If there is no response entity body
1.119 avankest 1187:
1.124 avankest 1188: <dd>
1189: <ol>
1.119 avankest 1190: <li>
1.132 avankest 1191: <p>Synchronously switch the state to <a href="#loading-state"
1.119 avankest 1192: title="LOADING state">LOADING</a>.
1193:
1194: <li>
1195: <p>Synchronously dispatch a <code><a
1.132 avankest 1196: href="#readystatechange">readystatechange</a></code> event on the
1197: object.
1.119 avankest 1198: </ol>
1199: </dl>
1.60 avankest 1200:
1.125 avankest 1201: <p>Finally, once the complete resource has been downloaded go to the
1202: next step.</p>
1.60 avankest 1203:
1204: <li>
1.83 avankest 1205: <p>When the request has successfully completed loading, synchronously
1.132 avankest 1206: switch the state to <a href="#done-state" title="DONE state">DONE</a>
1207: and then synchronously dispatch a <code><a
1208: href="#readystatechange">readystatechange</a></code> event on the
1.97 avankest 1209: object and return the method call in case of <var>async</var> being
1210: <code>false</code>.
1.60 avankest 1211: </ol>
1.19 avankest 1212:
1.92 avankest 1213: <p>If the user agent allows the user to configure a proxy it <em
1.25 avankest 1214: class=ct>should</em> modify the request appropriately; <abbr title="in
1.2 avankest 1215: other words">i.e.</abbr>, connect to the proxy host instead of the
1216: origin server, modify the <code>Request-Line</code> and send
1217: <code>Proxy-Authorization</code> headers as specified.</p>
1218:
1.44 avankest 1219: <p>If the user agent supports HTTP Authentication it <em
1220: class=ct>should</em> consider requests originating from this object to
1221: be part of the protection space that includes the accessed URIs and send
1.19 avankest 1222: <code>Authorization</code> headers and handle <code>401
1.138 avankest 1223: Unauthorized</code> requests appropriately. If authentication fails,
1.44 avankest 1224: user agents <em class=ct>should</em> prompt the users for credentials.
1225: [<cite><a href="#ref-rfc2617">RFC2617</a></cite>]</p>
1.19 avankest 1226:
1.59 avankest 1227: <p>If the user agent supports HTTP State Management it <em
1.44 avankest 1228: class=ct>should</em> persist, discard and send cookies (as received in
1229: the <code>Set-Cookie</code> and <code>Set-Cookie2</code> response
1230: headers, and sent in the <code>Cookie</code> header) as applicable.
1.51 avankest 1231: [<cite><a href="#ref-rfc2965">RFC2965</a></cite>]</p>
1.164 avankest 1232: <!-- It has been said that RFC2965 does not match reality. -->
1.44 avankest 1233: <p>If the user agent implements a HTTP cache it <em class=ct>should</em>
1234: respect <code>Cache-Control</code> request headers set by the script
1235: (<abbr title="for example">e.g.</abbr>, <code>Cache-Control:
1236: no-cache</code> bypasses the cache). It <em class=ct>must not</em> send
1.25 avankest 1237: <code>Cache-Control</code> or <code>Pragma</code> request headers
1.138 avankest 1238: automatically unless the user explicitly requests such behavior
1.44 avankest 1239: (<abbr>e.g.</abbr>, by (force-)reloading the page). <code>304 Not
1240: Modified</code> responses that are a result of a user agent generated
1241: conditional request <em class=ct>must</em> be presented as <code>200
1.59 avankest 1242: OK</code> responses with the appropriate content. The user agent <em
1.44 avankest 1243: class=ct>must</em> allow scripts to override automatic cache validation
1244: by setting request headers (e.g., <code>If-None-Match</code>,
1.16 avankest 1245: <code>If-Modified-Since</code>), in which case <code>304 Not
1.44 avankest 1246: Modified</code> responses <em class=ct>must</em> be passed through.
1.146 avankest 1247: [<cite><a href="#ref-rfc2616">RFC2616</a></cite>]</p>
1.2 avankest 1248:
1.44 avankest 1249: <p>If the user agent implements server-driven content-negotiation it <em
1.162 avankest 1250: class=ct>should</em> set <code>Accept-Encoding</code> and
1.175 ! avankest 1251: <code>Accept-Charset</code> headers as appropriate. Unless set through
! 1252: <code><a href="#setrequestheader">setRequestHeader()</a></code> user
! 1253: agents <em class=ct>should</em> set the <code>Accept</code> and
! 1254: <code>Accept-Language</code> headers as well. Responses to such requests
! 1255: <em class=ct>must</em> have the content-encodings automatically decoded.
1.146 avankest 1256: [<cite><a href="#ref-rfc2616">RFC2616</a></cite>]</p>
1.18 avankest 1257:
1.132 avankest 1258: <dt><dfn id=abort><code>abort()</code></dfn>, method
1.6 avankest 1259:
1260: <dd>
1.62 avankest 1261: <p>When invoked, the user agent <em class=ct>must</em> run the following
1.97 avankest 1262: steps (unless otherwise noted):</p>
1.6 avankest 1263:
1.62 avankest 1264: <ol>
1265: <li>
1.109 avankest 1266: <p><a href="#abort-send-algorithm" title="abort send()">Abort the
1267: <code>send()</code> algorithm</a>, set the <a
1.125 avankest 1268: href="#response-entity-body">response entity body</a> to "null", the
1.136 avankest 1269: <a href="#error-flag">error flag</a> to "true" and remove any
1270: registered request headers.
1.62 avankest 1271:
1272: <li>
1.109 avankest 1273: <p>The user agent <em class=ct>should</em> cancel any network activity
1274: for which the object is responsible.
1.62 avankest 1275:
1.80 avankest 1276: <li>
1.135 avankest 1277: <p>If the state is <a href="#unsent-state" title="UNSENT
1278: state">UNSENT</a>, <a href="#opened-state" title="OPENED
1279: state">OPENED</a> and the <a href="#send-flag"><code>send()</code>
1280: flag</a> is "false", or <a href="#done-state" title="DONE
1281: state">DONE</a> go to the next step.</p>
1.84 avankest 1282:
1.132 avankest 1283: <p>Otherwise, switch the state to <a href="#done-state" title="DONE
1.136 avankest 1284: state">DONE</a>, set the <a href="#send-flag"><code>send()</code>
1285: flag</a> to "false" and synchronously dispatch a <code><a
1.132 avankest 1286: href="#readystatechange">readystatechange</a></code> event on the
1.84 avankest 1287: object.</p>
1.68 avankest 1288:
1.62 avankest 1289: <li>
1.135 avankest 1290: <p>Switch the state to <a href="#unsent-state" title="UNSENT
1.98 avankest 1291: state">UNSENT</a>. (Do not dispatch the <code><a
1.132 avankest 1292: href="#readystatechange">readystatechange</a></code> event.)</p>
1.62 avankest 1293:
1.83 avankest 1294: <p class=note>It is likely that a future version of the <code><a
1295: href="#xmlhttprequest-object">XMLHttpRequest</a></code> object will
1296: dispatch an <code title="">abort</code> event here as well.</p>
1.62 avankest 1297: </ol>
1.26 avankest 1298:
1.6 avankest 1299: <dt><dfn
1.132 avankest 1300: id=getallresponseheaders><code>getAllResponseHeaders()</code></dfn>,
1.13 avankest 1301: method
1.2 avankest 1302:
1303: <dd>
1.62 avankest 1304: <p>When invoked, the user agent <em class=ct>must</em> run the following
1305: steps:</p>
1.60 avankest 1306:
1307: <ol>
1.77 avankest 1308: <li>
1.135 avankest 1309: <p>If the state is <a href="#unsent-state" title="UNSENT
1310: state">UNSENT</a> or <a href="#opened-state" title="OPENED
1311: state">OPENED</a> raise an <code>INVALID_STATE_ERR</code> exception
1312: and terminate these steps.
1.125 avankest 1313:
1314: <li>
1.171 avankest 1315: <p>If the <a href="#error-flag">error flag</a> is "true" return the
1316: empty string and terminate these steps.
1.77 avankest 1317:
1318: <li>
1.97 avankest 1319: <p>Return all the HTTP headers, as a single string, with each header
1.168 avankest 1320: line separated by a U+000D (CR) U+000A (LF) pair excluding the status
1.97 avankest 1321: line.
1.60 avankest 1322: </ol>
1.6 avankest 1323:
1.25 avankest 1324: <div class=example>
1.60 avankest 1325: <pre><code>// The following script:
1.6 avankest 1326: var client = new XMLHttpRequest();
1.18 avankest 1327: client.open("GET", "test.txt", true);
1.6 avankest 1328: client.send();
1.16 avankest 1329: client.onreadystatechange = function() {
1.17 avankest 1330: if(this.readyState == 3) {
1.16 avankest 1331: print(this.getAllResponseHeaders());
1332: }
1333: }
1.6 avankest 1334:
1335: // ...should output something similar to the following text:
1336: Date: Sun, 24 Oct 2004 04:58:38 GMT
1337: Server: Apache/1.3.31 (Unix)
1338: Keep-Alive: timeout=15, max=99
1339: Connection: Keep-Alive
1340: Transfer-Encoding: chunked
1.60 avankest 1341: Content-Type: text/plain; charset=utf-8</code></pre>
1.6 avankest 1342: </div>
1343:
1.132 avankest 1344: <dt><dfn id=getresponseheader
1.25 avankest 1345: title=getresponseheader><code>getResponseHeader(<var>header</var>)</code></dfn>,
1.13 avankest 1346: method
1.2 avankest 1347:
1.6 avankest 1348: <dd>
1.60 avankest 1349: <p>When the method is invoked, the user agent <em class=ct>must</em> run
1350: the following steps:</p>
1351:
1352: <ol>
1.77 avankest 1353: <li>
1.135 avankest 1354: <p>If the state is <a href="#unsent-state" title="UNSENT
1355: state">UNSENT</a> or <a href="#opened-state" title="OPENED
1356: state">OPENED</a> raise an <code>INVALID_STATE_ERR</code> exception
1357: and terminate these steps.
1.125 avankest 1358:
1359: <li>
1.150 avankest 1360: <p>If the <var>header</var> argument does not match the <a
1.172 avankest 1361: href="#field-name"><code>field-name</code> production</a> return
1362: <code>null</code> and terminate these steps.
1.150 avankest 1363:
1364: <li>
1.125 avankest 1365: <p>If the <a href="#error-flag">error flag</a> is "true" return
1366: <code>null</code> and terminate these steps.
1.17 avankest 1367:
1.77 avankest 1368: <li>
1.81 avankest 1369: <p>If the <var>header</var> argument <a href="#case-insensitive-match"
1370: title="case-insensitive match">case-insensitively matches</a> multiple
1.128 avankest 1371: HTTP headers for the last request sent, return the values of these
1.97 avankest 1372: headers as a single concatenated string separated from each other by
1.168 avankest 1373: an U+002C followed by an U+0020 character and terminate these steps.
1.77 avankest 1374:
1375: <li>
1.81 avankest 1376: <p>If the <var>header</var> argument <a href="#case-insensitive-match"
1377: title="case-insensitive match">case-insensitively matches</a> a single
1.97 avankest 1378: HTTP header for the last request sent return the value of that header
1.99 avankest 1379: and terminate these steps.
1.77 avankest 1380:
1381: <li>
1.97 avankest 1382: <p>Return <code>null</code>.
1.60 avankest 1383: </ol>
1.17 avankest 1384:
1.25 avankest 1385: <div class=example>
1.60 avankest 1386: <pre><code>// The following script:
1.1 avankest 1387: var client = new XMLHttpRequest();
1.18 avankest 1388: client.open("GET", "test.txt", true);
1.6 avankest 1389: client.send();
1.16 avankest 1390: client.onreadystatechange = function() {
1.17 avankest 1391: if(this.readyState == 3) {
1.18 avankest 1392: print(client.getResponseHeader("Content-Type"));
1.16 avankest 1393: }
1394: }
1.1 avankest 1395:
1.6 avankest 1396: // ...should output something similar to the following text:
1.164 avankest 1397: text/plain; charset=utf-8</code></pre>
1.2 avankest 1398: </div>
1399:
1.132 avankest 1400: <dt><dfn id=responsetext><code>responseText</code></dfn> of type
1.9 avankest 1401: <code>DOMString</code>, readonly
1.6 avankest 1402:
1403: <dd>
1.89 avankest 1404: <p>On getting, the user agent <em class=ct>must</em> run the following
1405: steps:</p>
1406:
1407: <ol>
1408: <li>
1.132 avankest 1409: <p>If the state is not <a href="#loading-state" title="LOADING
1410: state">LOADING</a> or <a href="#done-state" title="DONE
1.170 avankest 1411: state">DONE</a> return the empty string and terminate these steps.
1.6 avankest 1412:
1.89 avankest 1413: <li>
1414: <p>Return the <a href="#text-response-entity-body">text response entity
1415: body</a>.
1416: </ol>
1.12 avankest 1417:
1.132 avankest 1418: <dt><dfn id=responsexml><code>responseXML</code></dfn> of type
1.9 avankest 1419: <code>Document</code>, readonly
1.6 avankest 1420:
1421: <dd>
1.76 avankest 1422: <p>On getting, the user agent <em class=ct>must</em> run the following
1423: steps:</p>
1424:
1425: <ol>
1426: <li>
1.132 avankest 1427: <p>If the state is not <a href="#done-state" title="DONE
1.170 avankest 1428: state">DONE</a> return <code>null</code> and terminate these steps.
1.76 avankest 1429:
1430: <li>
1.89 avankest 1431: <p>Return the <a href="#xml-response-entity-body">XML response entity
1432: body</a>.
1.76 avankest 1433: </ol>
1.12 avankest 1434:
1.132 avankest 1435: <dt><dfn id=status><code>status</code></dfn> of type <code>unsigned
1.9 avankest 1436: short</code>, readonly
1.6 avankest 1437:
1438: <dd>
1.73 avankest 1439: <p>On getting, if available, it <em class=ct>must</em> return the HTTP
1440: status code sent by the server (typically <code>200</code> for a
1441: successful request). Otherwise, if not available, the user agent <em
1442: class=ct>must</em> raise an <code>INVALID_STATE_ERR</code> exception.</p>
1.12 avankest 1443:
1.132 avankest 1444: <dt><dfn id=statustext><code>statusText</code></dfn> of type
1.9 avankest 1445: <code>DOMString</code>, readonly
1.2 avankest 1446:
1.6 avankest 1447: <dd>
1.73 avankest 1448: <p>On getting, if available, it <em class=ct>must</em> return the HTTP
1449: status text sent by the server (appears after the status code).
1450: Otherwise, if not available, the user agent <em class=ct>must</em> raise
1451: an <code>INVALID_STATE_ERR</code> exception.</p>
1.2 avankest 1452: </dl>
1453:
1.168 avankest 1454: <h3 id=events><span class=secno>4.1 </span>Events for the <code
1.33 avankest 1455: title="">XMLHttpRequest</code> Object</h3>
1.2 avankest 1456:
1.135 avankest 1457: <p>This section describes the various events that can be dispatched on
1458: objects implementing the <code><a
1.60 avankest 1459: href="#xmlhttprequest-object">XMLHttpRequest</a></code> interface. For
1460: this version of the specification only one event is defined.
1.2 avankest 1461:
1.1 avankest 1462: <dl>
1.132 avankest 1463: <dt><dfn id=readystatechange><code>readystatechange</code></dfn>
1.2 avankest 1464:
1.73 avankest 1465: <dd>When the user agent dispatches a <code
1466: title="">readystatechange</code> event (as indicated above) it <em
1467: class=ct>must not</em> bubble, <em class=ct>must not</em> be cancelable
1468: and <em class=ct>must</em> implement the <code>Event</code> interface.
1469: Its <code>namespaceURI</code> attribute <em class=ct>must</em> be
1.146 avankest 1470: <code>null</code>. [<cite><a
1.156 avankest 1471: href="#ref-dom2events">DOM2Events</a></cite>]
1.1 avankest 1472: </dl>
1.2 avankest 1473:
1.168 avankest 1474: <h3 id=exceptions><span class=secno>4.2 </span>Exceptions for the <code
1.33 avankest 1475: title="">XMLHttpRequest</code> Object</h3>
1476:
1.139 avankest 1477: <p>Several algorithms in this specification may result in an exception
1478: being thrown. These exceptions are all part of the group
1479: <code>ExceptionCode</code> and use the <code>DOMException</code> object
1480: which is defined in DOM Level 3 Core. In addition this specification
1481: extends the <code>ExceptionCode</code> group with several new constants as
1.146 avankest 1482: indicated below. [<cite><a href="#ref-dom3core">DOM3Core</a></cite>]
1.139 avankest 1483:
1.34 avankest 1484: <pre
1.139 avankest 1485: class=idl>const unsigned short <a href="#security-err">SECURITY_ERR</a> = 18;
1.122 avankest 1486: const unsigned short <a href="#network-err">NETWORK_ERR</a> = 101;
1487: const unsigned short <a href="#abort-err">ABORT_ERR</a> = 102;</pre>
1.33 avankest 1488:
1.139 avankest 1489: <p>The <dfn id=security-err><code>SECURITY_ERR</code></dfn> exception is
1490: raised if an attempt is made to perform an operation or access some data
1491: in a way that would be a security risk or a violation of the user agent's
1492: security policy.</p>
1493: <!-- http://lists.w3.org/Archives/Public/public-webapi/2006May/0027.html -->
1494:
1495: <p class=note>The <code title="">SECURITY_ERR</code> exception is expected
1496: to be eventually folded into an update of the the DOM Level 3 Core
1497: specification with an equivalent definition and identical constant value.
1498: Until that happens it is defined here to guide implementors. (This is also
1.154 avankest 1499: the reason the constant value is not in line with the other exceptions.)
1.139 avankest 1500:
1.35 avankest 1501: <p>The <dfn id=network-err><code>NETWORK_ERR</code></dfn> exception is
1.139 avankest 1502: raised when a network error occurs in synchronous requests.
1.122 avankest 1503:
1.139 avankest 1504: <p>The <dfn id=abort-err><code>ABORT_ERR</code></dfn> exception is raised
1.122 avankest 1505: when the user aborts a request in synchronous requests.
1506:
1.31 avankest 1507: <h2 class=no-num id=notcovered>Not in this Specification</h2>
1508:
1.144 avankest 1509: <p><em>This section is non-normative.</em>
1.31 avankest 1510:
1.73 avankest 1511: <p>This specification does not include the following features which are
1512: being considered for a future version of this specification:
1.31 avankest 1513:
1514: <ul>
1515: <li><code>load</code> event and <code>onload</code> attribute;
1516:
1517: <li><code>error</code> event and <code>onerror</code> attribute;
1518:
1519: <li><code>progress</code> event and <code>onprogress</code> attribute;
1520:
1521: <li><code title="">abort</code> event and <code>onabort</code> attribute;
1522:
1523: <li>Timers have been suggested, perhaps an <code>ontimeout</code>
1524: attribute;
1525:
1526: <li>Property to disable following redirects;
1527:
1.32 avankest 1528: <li><code title="">responseXML</code> for <code>text/html</code>
1529: documents;
1.31 avankest 1530:
1.42 avankest 1531: <li>Cross-site <code title="">XMLHttpRequest</code>;
1532:
1.88 avankest 1533: <li><code>responseBody</code> to deal with byte streams;
1.42 avankest 1534:
1.115 avankest 1535: <li><code>overrideMimeType</code> to fix up MIME types;
1536:
1.88 avankest 1537: <li><code>getRequestHeader()</code> and
1538: <code>removeRequestHeader()</code>.
1.31 avankest 1539: </ul>
1540:
1.25 avankest 1541: <h2 class=no-num id=bibref>References</h2>
1.2 avankest 1542:
1.7 avankest 1543: <dl>
1.156 avankest 1544: <dt>[<dfn id=ref-dom2events>DOM2Events</dfn>]
1545:
1546: <dd><cite><a href="http://www.w3.org/TR/DOM-Level-2-Events/">Document
1.161 avankest 1547: Object Model (DOM) Level 2 Events Specification</a></cite>, T. Pixley,
1548: editor. W3C, November 2000.
1.156 avankest 1549:
1.146 avankest 1550: <dt>[<dfn id=ref-dom3core>DOM3Core</dfn>]
1.2 avankest 1551:
1.15 avankest 1552: <dd><cite><a href="http://www.w3.org/TR/DOM-Level-3-Core">Document Object
1553: Model (DOM) Level 3 Core Specification</a></cite>, A. Le Hors, P. Le
1.140 avankest 1554: Hégaret, L. Wood, G. Nicol, J. Robie, M. Champion, S. Byrne,
1555: editors. W3C, April 2004.
1.2 avankest 1556:
1.39 avankest 1557: <dt>[<dfn id=ref-ecmascript>ECMAScript</dfn>]
1.18 avankest 1558:
1559: <dd><cite><a
1560: href="http://www.ecma-international.org/publications/standards/Ecma-262.htm">ECMAScript
1561: Language Specification</a></cite>, Third Edition. ECMA, December 1999.
1562:
1.146 avankest 1563: <dt>[<dfn id=ref-html5>HTML5</dfn>]
1.143 avankest 1564:
1565: <dd><cite><a
1.172 avankest 1566: href="http://www.w3.org/html/wg/html5/">HTML 5</a></cite> (work in
1567: progress), I. Hickson, D. Hyatt, editors. W3C, 2008.
1568:
1569: <dd><cite><a
1.143 avankest 1570: href="http://www.whatwg.org/specs/web-apps/current-work/">HTML 5</a></cite>
1.172 avankest 1571: (work in progress), I. Hickson, editor. WHATWG, 2008.
1.18 avankest 1572:
1.146 avankest 1573: <dt>[<dfn id=ref-rfc2119>RFC2119</dfn>]
1.15 avankest 1574:
1.118 avankest 1575: <dd><cite><a href="http://ietf.org/rfc/rfc2119">Key words for use in RFCs
1576: to Indicate Requirement Levels</a></cite>, S. Bradner. IETF, March 1997.
1.15 avankest 1577:
1.146 avankest 1578: <dt>[<dfn id=ref-rfc2616>RFC2616</dfn>]
1.15 avankest 1579:
1580: <dd><cite><a href="http://ietf.org/rfc/rfc2616">Hypertext Transfer
1581: Protocol -- HTTP/1.1</a></cite>, R. Fielding, J. Gettys, J. Mogul, H.
1.93 avankest 1582: Frystyk, L. Masinter, P. Leach, T. Berners-Lee, editors. IETF, June 1999.
1.15 avankest 1583:
1.39 avankest 1584: <dt>[<dfn id=ref-rfc2617>RFC2617</dfn>]
1.15 avankest 1585:
1586: <dd><cite><a href="http://ietf.org/rfc/rfc2617">HTTP Authentication: Basic
1.93 avankest 1587: and Digest Access Authentication</a></cite>, P. Hallam-Baker, J.
1588: Hostetler, S. Lawrence, P. Leach, A. Luotonen, L. Stewart, editors. IETF,
1589: June 1999.
1.2 avankest 1590:
1.39 avankest 1591: <dt>[<dfn id=ref-rfc2965>RFC2965</dfn>]
1.2 avankest 1592:
1.22 avankest 1593: <dd><cite><a href="http://ietf.org/rfc/rfc2965">HTTP State Management
1594: Mechanism</a></cite>, D. Kristol, L. Montulli, editors. IETF, October
1595: 2000.
1596:
1.39 avankest 1597: <dt>[<dfn id=ref-rfc3986>RFC3986</dfn>]
1.2 avankest 1598:
1.15 avankest 1599: <dd><cite><a href="http://ietf.org/rfc/rfc3986">Uniform Resource
1600: Identifier (URI): Generic Syntax</a></cite>, T. Berners-Lee, R. Fielding,
1601: L. Masinter, editors. IETF, January 2005.
1.30 avankest 1602:
1.142 avankest 1603: <dt>[<dfn id=ref-rfc3987>RFC3987</dfn>]
1604:
1605: <dd><cite><a href="http://ietf.org/rfc/rfc3987">Internationalized Resource
1606: Identifiers (IRIs)</a></cite>, M. Duerst, M. Suignard, editors. IETF,
1607: January 2005.
1608:
1.43 avankest 1609: <dt>[<dfn id=ref-xml>XML</dfn>]
1610:
1611: <dd><cite><a href="http://www.w3.org/TR/xml/">Extensible Markup Language
1612: (XML) 1.0 (Fourth Edition)</a></cite>, T. Bray, J. Paoli, C.
1.118 avankest 1613: Sperberg-McQueen, E. Maler, F. Yergeau, editors. W3C, September 2006.
1.43 avankest 1614:
1615: <dt>[<dfn id=ref-xmlns>XMLNS</dfn>]
1616:
1617: <dd><cite><a href="http://www.w3.org/TR/xml-names/">Namespaces in XML
1.118 avankest 1618: (Second Edition)</a></cite>, T. Bray, D. Hollander, A. Layman, R. Tobin,
1619: editors. W3C, August 2006.
1.2 avankest 1620: </dl>
1621:
1.131 avankest 1622: <h2 class=no-num id=acknowledgments>Acknowledgments</h2>
1.2 avankest 1623:
1.164 avankest 1624: <p>The editor would like to thank Addison Phillips, Ahmed Kamel, Alex
1625: Hopmann, Alex Vincent, Alexey Proskuryakov, Asbjørn Ulsberg, Boris
1626: Zbarsky, Björn Höhrmann, Cameron McCormack, Christophe Jolif,
1627: Charles McCathieNevile, Dan Winship, David Håsäther, Dean
1628: Jackson, Denis Sureau, Doug Schepers, Douglas Livingstone, Elliotte
1629: Harold, Eric Lawrence, Geoffrey Sneddon, Gideon Cohn, Gorm Haug Eriksen,
1630: Hallvord R. M. Steen, Håkon Wium Lie, Ian Davis, Ian Hickson, Ivan
1631: Herman, Jeff Walden, Jens Lindström, Jim Deegan, Jim Ley, Joe Farro,
1632: Jonas Sicking, Julian Reschke, Karl Dubost, Maciej Stachowiak, Magnus
1633: Kristiansen, Marc Hadley, Marcos Caceres, Mark Baker, Mark Nottingham,
1634: Mohamed Zergaoui, Pawel Glowacki, Robin Berjon, Ruud Steltenpool, Simon
1635: Pieters, Stewart Brodie, Sunava Dutta, Tom Magliery and Zhenbin Xu for
1636: their contributions to this specification.
1.2 avankest 1637:
1638: <p>Special thanks to the Microsoft employees who first implemented the
1.144 avankest 1639: <code title="">XMLHttpRequest</code> interface, which was first widely
1640: deployed by the Windows Internet Explorer browser.
1.2 avankest 1641:
1.56 avankest 1642: <p>Special thanks also to the WHATWG for drafting an initial version of
1.131 avankest 1643: this specification in their Web Applications 1.0 document (now renamed to
1.146 avankest 1644: HTML 5). [<cite><a href="#ref-html5">HTML5</a></cite>]
1.2 avankest 1645:
1646: <p>Thanks also to all those who have helped to improve this specification
1647: by sending suggestions and corrections. (Please, keep bugging us with your
1648: issues!)
Webmaster
![[BACK]](/https/dev.w3.org/cvsweb/icons/back.gif){kind=icon}
Return to Overview.html CVS log ![[TXT]](/https/dev.w3.org/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/https/dev.w3.org/cvsweb/icons/dir.gif){kind=icon}
Up to [Public] / 2006 / webapi / XMLHttpRequest