Can we add a Content-Type header to dbForm requests?

[davidqc]

---

Any HTTP/1.1 message containing an entity-body SHOULD include a
Content-Type header field defining the media type of that body. If
and only if the media type is not given by a Content-Type field, the
recipient MAY attempt to guess the media type via inspection of its
content and/or the name extension(s) of the URI used to identify the
resource. If the media type remains unknown, the recipient SHOULD
treat it as type "application/octet-stream".

---

SHOULD: This word, or the adjective "RECOMMENDED", mean that there
may exist valid reasons in particular circumstances to ignore a
particular item, but the full implications must be understood and
carefully weighed before choosing a different course.

---

I guess it would be done either in the caller:
https://github.com/qcode-software/qcode-ui/blob/master/js/jquery.dbForm.js#L36

                headers: {
                    Accept: "application/json,text/xml"
                }

or checked and added in httpPost

qcode-ui/js/jquery.utils.js

Line 110 in fdd9bae

headers = $.extend({'X-Authenticity-Token': Cookies.get('authenticity_token')}, headers);

function httpPost(url,data,handler,errorHandler,async,headers) {
    // Add event listener to check whether request is cancelled by navigation
    var unloading = false;
    headers = $.extend({'X-Authenticity-Token': Cookies.get('authenticity_token')}, headers);
``

[daniel-qcode]

@davidqc What make you think the Content-Type header is not being specified ?

When not explicitly set jquery.ajax says it defaults Content-Type to "application/x-www-form-urlencoded; charset=UTF-8"

http://api.jquery.com/jquery.ajax/

Looking at Request headers in developers tools it looks like Content-Type header is being supplied when saving a dbForm:

Is this maybe specific to TLC's quirks mode version of qcode-ui that does not use jquery.ajax under the covers ?

[davidqc]

Yes it's under IE quirks mode (I may well have pointed at the wrong parts of the JS code)

The headline is there is no "Content-Type" in POSTs raised via dbForm under IE. So writing code to proxy these requests is complicated slightly by having to guess what content type to use. Would be better if the request arrived with the header set.

[davidqc]

Example of Headers received:

Debug: >>> start of request headers  >>>
Debug: Accept: */*
Debug: Referer: https://www.domain:8443/rm.tcl?branch_code=CP
Debug: Accept-Language: en-US,en-GB;q=0.7,en;q=0.3
Debug: Accept-Encoding: gzip, deflate
Debug: User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; MASB; rv:11.0) like Gecko
Debug: Host: www.domain.co.uk:8443
Debug: Content-Length: 252
Debug: DNT: 1
Debug: Connection: Keep-Alive
Debug: Cache-Control: no-cache
Debug: Cookie: customer_key=blah
Debug: >>> end of request headers  >>>

[daniel-qcode]

Might be possible to add the following line to:
xmlhttp.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"

https://github.com/qcode-software/qcode-ui/blob/ui-1/js/bvwLib1.0.js#L507
https://github.com/qcode-software/qcode-ui/blob/ui-1/js/bvwLib1.0.js#L578
https://github.com/qcode-software/qcode-ui/blob/ui-1/js/dbForm.js#L259
https://github.com/qcode-software/qcode-ui/blob/ui-1/js/dbForm.js#L279

... and anywhere else that uses old xmlhttp style ajax ... totally untested though

[daniel-qcode]

Is it only POST requests that this is an issue for ... what about httpGet:
https://github.com/qcode-software/qcode-ui/blob/ui-1/js/bvwLib1.0.js#L538

[davidqc]

GET's don't have a request body so it's correct not to have a Content-Type header in those cases.

Now I know where to look I can test that.

[daniel-qcode]

maybe need charset when setting content type too:
xmlhttp.setRequestHeader "Content-Type", "application/x-www-form-urlencoded; charset=UTF-8"

[daniel-qcode]

Would it be a problem to set the Content-Type even when there is no post data ... or is this something we need to prevent?