From 6c124d3dd47fb399c7512c5c3b3420e438c32b65 Mon Sep 17 00:00:00 2001
From: jaubourg <j@ubourg.net>
Date: Mon, 7 Mar 2011 00:42:09 +0100
Subject: [PATCH] Fixes #8423. Never set X-Requested-With header automagically
 for cross-domain requests.

---
 src/ajax/xhr.js |   11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/src/ajax/xhr.js b/src/ajax/xhr.js
index a6473dd..5dbc33d 100644
--- a/src/ajax/xhr.js
+++ b/src/ajax/xhr.js
@@ -92,11 +92,12 @@ if ( jQuery.support.ajax ) {
 						xhr.overrideMimeType( s.mimeType );
 					}
 
-					// Requested-With header
-					// Not set for crossDomain requests with no content
-					// (see why at http://trac.dojotoolkit.org/ticket/9486)
-					// Won't change header if already provided
-					if ( !( s.crossDomain && !s.hasContent ) && !headers["X-Requested-With"] ) {
+					// X-Requested-With header
+					// For cross-domain requests, seeing as conditions for a preflight are
+					// akin to a jigsaw puzzle, we simply never set it to be sure.
+					// (it can always be set on a per-request basis or even using ajaxSetup)
+					// For same-domain requests, won't change header if already provided.
+					if ( !s.crossDomain && !headers["X-Requested-With"] ) {
 						headers[ "X-Requested-With" ] = "XMLHttpRequest";
 					}
 
-- 
1.7.10.4