GM.xmlHttpRequest

From GreaseSpot Wiki
Revision as of 03:14, 15 September 2009 by Aavindraa (talk | contribs) (adding primitive example of "HEAD" request)
Jump to navigationJump to search

Template:Underscore


Greasemonkey Manual
Using Greasemonkey
Installing Scripts
Monkey Menu
Getting Help
User Script Authoring
Editing
Environment
API

Description

This API method provides access to the chrome-privileged XMLHttpRequest object. This means that it is possible to issue requests to domains other than that of the current page.

Additional reference may be found at:

Examples | Notes

Syntax

GM_xmlhttpRequest( details )

Value: Function
Returns: undefined, response Object
Compatibility: Greasemonkey 0.2.5+
details Object
Properties Event Handler Callbacks
method onload
url onreadystatechange
headers onerror
overrideMimeType
data
  • All properties and event handler callbacks are optional except method and url.

top

Properties


method

Value: String
Usage: details.method = "GET"';

top | back

url

Value: String
Usage: details.url = "http://www.greasespot.net/";
  • Must be an absolute URL.

top | back

headers

Value: Object
Usage: details.headers = {"User-Agent":"Mozilla/5.0"};
  • The headers property is an object which is typically used to override the default browser generated headers, also known as atoms. It should contain the atom-value pairs of the headers to send.[2]

top | back

overrideMimeType

Value: String
Compatibility: Greasemonkey 0.6.8+
Usage: details.overrideMimeType = "text/html; charset=ISO-8859-1";
  • While each character set name may have multiple aliases defined, there may be a preferred name which can be found at IANA

top | back

data

Value: String
Usage: details.data = null; /* some code */ if (details.data) { /* some code */ }
  • [1]
  • Note that if the data field contains form-encoded data, you must also set the header 'Content-Type': 'application/x-www-form-urlencoded' in the headers field.

top | back

Event Handler Callbacks


onload

Usage: details.onload = function (response) { /* some code */ };
Returns: undefined, response Object

top | back

onreadystatechange

Usage: details.onreadystatechange = function (response) { /* some code */ };
Returns: undefined, response Object

top | back

onerror

Usage: details.onerror = function (response) { /* some code */ };
Returns: undefined, response Object

top | back

response Object
Properties
status readyState responseText finalUrl
statusText responseHeaders
  • Note: there is no responseXML property, contrary to what people used to XMLHttpRequest might expect. This is due to security restrictions imposed on the XMLDocument created in the privileged GM core context. One can easily create its own XMLDocument out of responseText using a DOMParser (see examples below).

top

Properties


status

Value: Number
Usage: if (response.status == 200) { /* some code */ }

top | back

statusText

Value: String
Usage: if (response.statusText == "OK") { /* some code */ }

top | back

readyState

Value: Number
Usage: if (response.readyState == 4) { /* some code */ }

top | back

responseText

Value: String
Usage: alert(response.responseText);

top | back

responseHeaders

Value: String
Usage: if (response.responseHeaders) { /* some code */ }
  • The responseHeaders is the string representation of response headers returned by XMLHTTPRequest.getAllResponseHeaders().

finalUrl

Value: String
Compatibility: Greasemonkey 0.8.0+
Usage: if (response.finalUrl) { /* some code */ }

top | back

Examples

Template:Core samp

When making a POST request, most sites require the Content-Type header to be included as such:

Template:Good samp

Sometimes, you may not need the responseText at all, in which case a "HEAD" request is more advisable. Template:Good samp

top

Notes

[1]Some users have reported problems with international character sets. See these mailing list threads

Resolved: Greasemonkey exposed the overrideMimeType method to allow changing of the desired charset.

[2]Some header atoms may not actually work through GM_xmlhttpRequest. The Referer atom is one that is known to be recognized but appears to be content filtered by the browser. This may be due to security restrictions to keep user scripts from doing unsafe things.

top