• Most of them do. It’s a common practice nowadays to add the HTTP_X_REQUESTED_WITH header to the request. It think prototype did it first 😛 And a lot of PHP framework support this detection:

    [code lang=”php”]
    // Zend Framework, in the controller
    $this->getRequest()->isXmlHttpRequest();

    // Cake PHP, with the RequestHandler component
    $this->RequestHandler->isAjax();
    [/code]

    The thing is that I don’t want to simply display the “user not allowed” message, I want to redirect the user to the login form, even if the request is made via Ajax and not just by get or post…

  • If you’re using jQuery to post AJAX requests you may test server-side if the request was made via AJAX:

    then you can display an message in the ‘content’ box:

    Just an alternative way. Maybe other JavaScript frameworks support this too.

  • Raul

    Just a very little observation: instead of “case 401:”, I would write “default:”

  • There are more HTTP statuses than just those two…

Advertisment ad adsense adlogger