X-Git-Url: https://git-public.kairo.at/?p=lantea.git;a=blobdiff_plain;f=js%2Fui.js;h=352f7e78b6448a0fd4f5ef4ed0c677282ec90d6f;hp=f0d2b189b0d97773caed08ecc7d61b741420600b;hb=003d56f8a1eee6825cc6c800f135e13df753770d;hpb=6ddefbf98ebff13592de1d87a3bfc2796ac06d84

diff --git a/js/ui.js b/js/ui.js
index f0d2b18..352f7e7 100644
--- a/js/ui.js
+++ b/js/ui.js
@@ -333,22 +333,44 @@ function uploadTrack() {
   //formData.append("tags", "");
   formData.append("visibility",
                   document.getElementById("uploadVisibility").value);
-  var XHR = new XMLHttpRequest();
-  XHR.onreadystatechange = function() {
-    if (XHR.readyState == 4 && XHR.status == 200) {
-      // so far so good
-      reportUploadStatus(true);
-    } else if (XHR.readyState == 4 && XHR.status != 200) {
-      // fetched the wrong page or network error...
+  // Do an empty POST request first, so that we don't send everything,
+  // then ask for credentials, and then send again.
+  var hXHR = new XMLHttpRequest();
+  hXHR.onreadystatechange = function() {
+    if (hXHR.readyState == 4 && (XHR.status == 200 || hXHR.status == 400)) {
+      // 400 is Bad Request, but that's expected as this was empty.
+      // So far so good, init actual upload.
+      var XHR = new XMLHttpRequest();
+      XHR.onreadystatechange = function() {
+        if (XHR.readyState == 4 && XHR.status == 200) {
+          // Everthing looks fine.
+          reportUploadStatus(true);
+        } else if (XHR.readyState == 4 && XHR.status != 200) {
+          // Fetched the wrong page or network error...
+          reportUploadStatus(false);
+        }
+      };
+      XHR.open("POST", gOSMAPIURL + "api/0.6/gpx/create", true);
+      // Cross-Origin XHR doesn't allow username/password (HTTP Auth).
+      // So, we'll ask the user for entering credentials with rather ugly UI.
+      XHR.withCredentials = true;
+      try {
+        XHR.send(formData); // Send actual form data.
+      }
+      catch (e) {
+        reportUploadStatus(false, e);
+      }
+    } else if (hXHR.readyState == 4 && hXHR.status != 200) {
+      // Fetched the wrong page or network error...
       reportUploadStatus(false);
     }
   };
-  XHR.open("POST", gOSMAPIURL + "api/0.6/gpx/create", true);
+  hXHR.open("POST", gOSMAPIURL + "api/0.6/gpx/create", true);
   // Cross-Origin XHR doesn't allow username/password (HTTP Auth).
   // So, we'll ask the user for entering credentials with rather ugly UI.
-  XHR.withCredentials = true;
+  hXHR.withCredentials = true;
   try {
-    XHR.send(formData);
+    hXHR.send(); // Empty request, see above.
   }
   catch (e) {
     reportUploadStatus(false, e);