I had to hack the new prototype.js 1.5.0 release to revert to the 1.4 getTransport() order. The problem: IE7’s “native” XMLHttpRequest method won’t play nice with a <base> tag whose domain value is different than the domain value of the page’s URL.
Example:
url: http://flop.net/bar.html with: <base href="http://foo.com/" /> then IE7 new XMLHttpRequest() for 'http://flop.net/ajax' throws access denied error. However, this works: url: http://flop.net/bar.html with: <base href="http://flop.net/"> then IE7 new XMLHttpRequest() for 'http://flop.net/ajax'
So we just revert to using ActiveX (the original Microsoft version for remote transport).
I see that YUI checks for transport the same way. So I expect their’s will break with IE7 too.
Here’s the diff:
var Ajax = { getTransport: function() { return Try.these( - function() {return new XMLHttpRequest()}, function() {return new ActiveXObject('Msxml2.XMLHTTP')}, - function() {return new ActiveXObject('Microsoft.XMLHTTP')} + function() {return new ActiveXObject('Microsoft.XMLHTTP')}, + function() {return new XMLHttpRequest()} ) || false; },
I assume Microsoft changed this behaviour in IE7 in the name of security, but it is still a royal PITA.
Did I just miss the warning signs?
I don’t really see how this ‘security’ precaution actually makes anything more secure. If anything, in my case, not using the ‘base’ tag means my HTML would be lots more verbose, since I would need to specify the URL in every href link.
Leave a Reply
You must be logged in to post a comment.