php/yii2
1
0
Fork 0
mirror of https://github.com/yiisoft/yii2.git synced 2025-11-04 06:37:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix #17932: Fix regression in detection of AJAX requests (#17937)

Browse Source
This commit is contained in:
Alexander Makarov
2020-03-26 12:30:56 +03:00
committed by GitHub
parent e9f42c0854
commit 65e5640810
3 changed files with 2 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
framework/CHANGELOG.md
View File

@ -4,7 +4,7 @@ Yii Framework 2 Change Log
2.0.34 under development 2.0.34 under development
------------------------ ------------------------
- no changes in this release. - Bug #17932: Fix regression in detection of AJAX requests (samdark)
2.0.33 March 24, 2020 2.0.33 March 24, 2020

8
framework/web/Request.php
View File

@ -487,13 +487,7 @@ class Request extends \yii\base\Request
*/ */
public function getIsAjax() public function getIsAjax()
{ {
$origin = $this->headers->get('Origin'); return $this->headers->get('X-Requested-With') === 'XMLHttpRequest';
return
($this->headers->get('X-Requested-With') === 'XMLHttpRequest') ||
($this->headers->get('Sec-Fetch-Mode') === 'cors') ||
($this->headers->get('Sec-Fetch-Site') === 'cross-site') ||
($origin !== null && $origin !== $this->getHostInfo());
} }
/** /**

18
tests/framework/web/RequestTest.php
View File

@ -908,24 +908,6 @@ class RequestTest extends TestCase
], ],
true, true,
], ],
[
[
'HTTP_Sec-Fetch-Mode' => 'cors',
],
true,
],
[
[
'HTTP_Sec-Fetch-Site' => 'cross-site',
],
true,
],
[
[
'HTTP_Origin' => 'https://example.com/',
],
true,
],
]; ];
} }