diff options
| author | Caio Cunha | 2013-06-19 21:30:28 +0100 |
|---|---|---|
| committer | Pete Bacon Darwin | 2013-06-19 22:43:19 +0100 |
| commit | 25d9f5a804b7a6a61db6e84e594b1b5fe7ea14bf (patch) | |
| tree | 9f543b3fe3038a372d9fea7d8b3e84fbdd13da02 | |
| parent | 1b234cb7af2049c458f5e15d422742d4049d8f9d (diff) | |
| download | angular.js-25d9f5a804b7a6a61db6e84e594b1b5fe7ea14bf.tar.bz2 | |
fix($http): ensure case-insens. header overriding
If user send content-type header, both content-type and default
Content-Type headers were sent. Now default header overriding is
case-insensitive.
| -rw-r--r-- | src/ng/http.js | 33 | ||||
| -rw-r--r-- | test/ng/httpSpec.js | 15 |
2 files changed, 43 insertions, 5 deletions
diff --git a/src/ng/http.js b/src/ng/http.js index 5fdc1a18..d9813663 100644 --- a/src/ng/http.js +++ b/src/ng/http.js @@ -482,17 +482,40 @@ function $HttpProvider() { var reqTransformFn = config.transformRequest || $config.transformRequest, respTransformFn = config.transformResponse || $config.transformResponse, - defHeaders = $config.headers, - reqHeaders = extend({'X-XSRF-TOKEN': $browser.cookies()['XSRF-TOKEN']}, - defHeaders.common, defHeaders[lowercase(config.method)], config.headers), - reqData = transformData(config.data, headersGetter(reqHeaders), reqTransformFn), + reqHeaders = extend({}, config.headers), + defHeaders = extend( + {'X-XSRF-TOKEN': $browser.cookies()['XSRF-TOKEN']}, + $config.headers.common, + $config.headers[lowercase(config.method)] + ), + reqData, + defHeaderName, lowercaseDefHeaderName, headerName, promise; + // using for-in instead of forEach to avoid unecessary iteration after header has been found + defaultHeadersIteration: + for(defHeaderName in defHeaders) { + lowercaseDefHeaderName = lowercase(defHeaderName); + for(headerName in config.headers) { + if (lowercase(headerName) === lowercaseDefHeaderName) { + continue defaultHeadersIteration; + } + } + reqHeaders[defHeaderName] = defHeaders[defHeaderName]; + } + // strip content-type if data is undefined if (isUndefined(config.data)) { - delete reqHeaders['Content-Type']; + for(var header in reqHeaders) { + if (lowercase(header) === 'content-type') { + delete reqHeaders[header]; + break; + } + } } + reqData = transformData(config.data, headersGetter(reqHeaders), reqTransformFn); + // send request promise = sendReq(config, reqData, reqHeaders); diff --git a/test/ng/httpSpec.js b/test/ng/httpSpec.js index bb4de3c1..18be5826 100644 --- a/test/ng/httpSpec.js +++ b/test/ng/httpSpec.js @@ -430,6 +430,21 @@ describe('$http', function() { }); + it('should override default headers with custom in a case insensitive manner', function() { + $httpBackend.expect('POST', '/url', 'messageBody', function(headers) { + return headers['accept'] == 'Rewritten' && + headers['content-type'] == 'Content-Type Rewritten' && + headers['Accept'] === undefined && + headers['Content-Type'] === undefined; + }).respond(''); + + $http({url: '/url', method: 'POST', data: 'messageBody', headers: { + 'accept': 'Rewritten', + 'content-type': 'Content-Type Rewritten' + }}); + $httpBackend.flush(); + }); + it('should not send Content-Type header if request data/body is undefined', function() { $httpBackend.expect('POST', '/url', undefined, function(headers) { return !headers.hasOwnProperty('Content-Type'); |