Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

XMLHttpRequest() vs ActiveXObject("Microsoft.XMLHTTP") - what's the point?

Microsoft finally added the native XMLHttpRequest object in Internet Explorer 7, but I found out that it can be disabled in the Internet Options dialog. So what benefit is there using XMLHttpRequest() vs ActiveXObject("Microsoft.XMLHTTP")?

If it can be disabled, that means we have to keep our browser compatibility checks in forever, doesn't it? Would XMLHttpRequest() initialize quicker than ActiveXObject("Microsoft.XMLHTTP") or what? Why would Microsoft add it and make it optional?

like image 877
Andy E Avatar asked Oct 21 '09 12:10

Andy E


2 Answers

The ActiveXObject can also be disabled. Note that other browsers can disable this and other settings as well. This is not about browser compatibility, but about user preference. Users can allow / disallow cross-domain requests, can allow / disallow scripts, can allow Flash or not etc.

You'll always have to check whether your page still runs smooth (or falls back gracefully) when users have disabled certain browser's features that you need.

The good news is: it is enabled by default, most users will have it on.

Update: by default, scripting and external requests (i.e. document(), xsl:include with XSLT or external entities in XML) are not supported by XmlHttpRequest-retrieved objects and must be enabled explicitly. This is different from non-IE browsers, where external requests from XHR-loaded documents are allowed (or don't exist, like in Safari and Chrome).

like image 148
Abel Avatar answered Sep 21 '22 10:09

Abel


This is a guess, but I would assume they allow it to be disabled for the same reason they allow JavaScript to be disabled. Some people believe the risks (privacy, security, whatever) outweigh the benefit and thus want it disabled.

like image 23
Mayo Avatar answered Sep 20 '22 10:09

Mayo