xhr properties in incognito mode

481 views
Skip to first unread message

Brian Kuhn

unread,
Jun 24, 2010, 12:50:00 AM6/24/10
to chromi...@chromium.org

I'm wondering if anyone can tell me why XMLHttpRequest objects look different in incognito mode.  

Specifically, I'm interested why the withCredentials property is missing.  I'd like to detect the ability to do cross-domain ajax request (CORS) and the Firefox team suggests looking for withCredentials to detect this capability.  This works in Chrome in normal mode, but not incognito.  Anyone have any suggestions on what else I could look for to detect CORS capability in Chrome incognito?

Thanks,
    Brian


Normal Mode:

new XMLHttpRequest()
XMLHttpRequest
  1. onabortnull
  2. onerrornull
  3. onloadnull
  4. onloadstartnull
  5. onprogressnull
  6. onreadystatechangenull
  7. readyState0
  8. responseText""
  9. responseXMLnull
  10. status0
  11. statusText""
  12. uploadXMLHttpRequestUpload
  13. withCredentialsfalse
  14. __proto__Object

Incognito Mode:

new XMLHttpRequest();
Object
  1. abortfunction (){return xhrRequest.abort()
  2. getAllResponseHeadersfunction (){return xhrRequest.getAllResponseHeaders()
  3. getResponseHeaderfunction (header){return xhrRequest.getResponseHeader(header)
  4. onreadystatechangefunction (){}
  5. openfunction (method,url,async){if(spy.loaded){spy=new XHRSpy()
  6. readyState0
  7. sendfunction (data){spy.data=data;
  8. setRequestHeaderfunction (header,value){spy.requestHeaders.push({name:[header],value:[value]});
  9. __proto__Object




Peter Kasting

unread,
Jun 24, 2010, 1:08:58 AM6/24/10
to bnk...@gmail.com, chromi...@chromium.org, Adam Barth
On Wed, Jun 23, 2010 at 9:50 PM, Brian Kuhn <bnk...@gmail.com> wrote:
Specifically, I'm interested why the withCredentials property is missing.  I'd like to detect the ability to do cross-domain ajax request (CORS) and the Firefox team suggests looking for withCredentials to detect this capability.  This works in Chrome in normal mode, but not incognito.  Anyone have any suggestions on what else I could look for to detect CORS capability in Chrome incognito?

+CC abarth

PK 

Adam Barth

unread,
Jun 24, 2010, 1:13:45 AM6/24/10
to pkas...@google.com, bnk...@gmail.com, chromi...@chromium.org
I'm unable to replicate your results. In the Chrome Dev channel, I
went to http://www.google.com/ in incognito, opened the web inspector,
and typed the following commands:

> var xhr = new XMLHttpRequest()
undefined
> "withCredentials" in xhr
true

Adam

> --
> Chromium Developers mailing list: chromi...@chromium.org
> View archives, change email options, or unsubscribe:
> http://groups.google.com/a/chromium.org/group/chromium-dev
>

Brian Kuhn

unread,
Jun 24, 2010, 1:57:08 AM6/24/10
to Adam Barth, pkas...@google.com, chromi...@chromium.org
Ah, thank you for humoring me.  It turns out it was Firebug Lite on the page causing this.  I didn't even think to try checking another page since the weirdness only happened in incognito.

Thanks,
   Brian
Reply all
Reply to author
Forward
0 new messages