Re: XMLHttpRequest for REST/PUT request to GoogleCalendar -- discloses login/PW to console
On Monday, March 4, 2013 9:34:17 PM UTC, gNeandr wrote: Maybe it was my fault to use .responseType= because the description for XHR has that and =text as string type. While that is correct, XMLHttpRequest will exhibit its legacy behavior of also making responseXML available if you use . So using is not recommended. I suppose I should clarify that in the specification at some point. ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
XMLHttpRequest for REST/PUT request to GoogleCalendar -- discloses login/PW to console
Using XMLHttpRequest for REST/PUT request to GoogleCalendar I get a
response/error to the console like this
with the red XML error symbol:
Error: no element found
Source file:
https://{--mymailadr--}%40googlemail%2Ecom:{--PASSWORD--}@www.google.com/calendar/dav/{--CALENDAR_ID--}@group.calendar.google.com/events/136200600-915510352.ics
Line: 1
Tracing the response for that CalDAV 'PUT' request gives:
with 'GCalendar':
Error 204 No Content
Server: GSE
X-Firefox-Spdy: 3
Basically the GCal answer is correct, but XMLHttpRequest seems to parse
that null answer as a XML answer and fails.
I found using another CalDAV server has another response and there is no
such login/pw disclosing string on the console:
'fruux.com':
Error 204 No Content
Server: nginx
Content-Type: text/html
Content-Length: 0
Any idea how to fix that problem, any workaround .. catching the
response NOT to throw it to the console?
There is a bug https://bugzilla.mozilla.org/show_bug.cgi?id=521301
already but no solution!
Günter
___
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
Re: XMLHttpRequest for REST/PUT request to GoogleCalendar -- discloses login/PW to console
On 3/4/13 6:26 AM, gNeandr wrote: Any idea how to fix that problem, any workaround .. catching the response NOT to throw it to the console? If you control the server, make sure the Content-Type it returns is not an XML type (like the fruux.com server does). If you control the caller and don't expect to get back XML for this request, tell the XHR so by setting responseType=text or whatever you want on the XHR before the send(). There is a bug https://bugzilla.mozilla.org/show_bug.cgi?id=521301 already but no solution! It's not clear to me that this is a bug, per spec. -Boris ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: XMLHttpRequest for REST/PUT request to GoogleCalendar -- discloses login/PW to console
On 04.03.2013 15:48, Boris Zbarsky wrote: On 3/4/13 6:26 AM, gNeandr wrote: Any idea how to fix that problem, any workaround .. catching the response NOT to throw it to the console? If you control the server, make sure the Content-Type it returns is not an XML type (like the fruux.com server does). No chance to control the server (which is Google) If you control the caller and don't expect to get back XML for this request, tell the XHR so by setting responseType=text or whatever you want on the XHR before the send(). Maybe it was my fault to use .responseType= because the description for XHR has that and =text as string type. But with my code changing to .responseType=text it works. Had also to change the '.onSucess' parameters not to ask for .responseXML. After those changes it works (fingercrossing) Günter ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
