From 3cf51312b94879e729d2c09971b1ddba8e3ff168 Mon Sep 17 00:00:00 2001
From: Mina Smart <mina.smart@shopify.com>
Date: Tue, 22 Mar 2016 13:58:36 -0700
Subject: [PATCH 1/2] Use polyfills in examples, and try for ie9 magic

---
 examples/cart/index.html |  2 +-
 src/ajax.js              | 31 +++++++++++++++++++++++++++++++
 2 files changed, 32 insertions(+), 1 deletion(-)

diff --git a/examples/cart/index.html b/examples/cart/index.html
index 8e8995162..2b651df9b 100644
--- a/examples/cart/index.html
+++ b/examples/cart/index.html
@@ -5,7 +5,7 @@
   <title>JS Buy SDK Example -- Cart 001</title>
   <link rel="stylesheet" href="index.css">
   <script src="//code.jquery.com/jquery-2.2.1.min.js"></script>
-  <script src="/shopify-buy.globals.js"></script>
+  <script src="/shopify-buy.polyfilled.globals.js"></script>
   <script src="/examples/cart/index.js"></script>
 </head>
 <body>
diff --git a/src/ajax.js b/src/ajax.js
index dfd496516..2c420da47 100644
--- a/src/ajax.js
+++ b/src/ajax.js
@@ -24,8 +24,39 @@ function parseResponse(response) {
     });
 }
 
+function ieFallback(method, url, opts) {
+  return new Promise(function (resolve, reject) {
+    const xdr = new XDomainRequest();
+
+    xdr.onload = function () {
+      try {
+        const json = JSON.parse(xdr.responseText);
+
+        resolve({ json, originalResponse: xdr, isJSON: true });
+      } catch (e) {
+        resolve({ text: xdr.responseText, originalResponse: xdr, isText: true });
+      }
+    };
+
+    function handleError() {
+      reject(new Error('There was an error with the XDR'));
+    }
+
+    xdr.onerror = handleError;
+    xdr.ontimeout = handleError;
+
+    xdr.open(method, url);
+    xdr.send(opts.data);
+  });
+}
+
 export default function ajax(method, url, opts = {}) {
+  if (window.XDomainRequest) {
+    return ieFallback(...arguments);
+  }
+
   opts.method = method;
+  opts.mode = 'cors';
 
   return fetch(url, opts)
     .then(checkStatus)

From 22348e01a0b6982d7432d1e42385fe1c82a3094a Mon Sep 17 00:00:00 2001
From: Mina Smart <mina.smart@shopify.com>
Date: Tue, 29 Mar 2016 17:18:52 -0400
Subject: [PATCH 2/2] Add an IE9 compatible ajax method using XDRs

---
 src/ajax.js     | 30 +++--------------------
 src/ie9-ajax.js | 65 +++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 68 insertions(+), 27 deletions(-)
 create mode 100644 src/ie9-ajax.js

diff --git a/src/ajax.js b/src/ajax.js
index 2c420da47..195fd082f 100644
--- a/src/ajax.js
+++ b/src/ajax.js
@@ -1,3 +1,5 @@
+import ie9Ajax from './ie9-ajax';
+
 function checkStatus(response) {
   if (response.status >= 200 && response.status < 300) {
     return response;
@@ -24,35 +26,9 @@ function parseResponse(response) {
     });
 }
 
-function ieFallback(method, url, opts) {
-  return new Promise(function (resolve, reject) {
-    const xdr = new XDomainRequest();
-
-    xdr.onload = function () {
-      try {
-        const json = JSON.parse(xdr.responseText);
-
-        resolve({ json, originalResponse: xdr, isJSON: true });
-      } catch (e) {
-        resolve({ text: xdr.responseText, originalResponse: xdr, isText: true });
-      }
-    };
-
-    function handleError() {
-      reject(new Error('There was an error with the XDR'));
-    }
-
-    xdr.onerror = handleError;
-    xdr.ontimeout = handleError;
-
-    xdr.open(method, url);
-    xdr.send(opts.data);
-  });
-}
-
 export default function ajax(method, url, opts = {}) {
   if (window.XDomainRequest) {
-    return ieFallback(...arguments);
+    return ie9Ajax(...arguments);
   }
 
   opts.method = method;
diff --git a/src/ie9-ajax.js b/src/ie9-ajax.js
new file mode 100644
index 000000000..d6badfe65
--- /dev/null
+++ b/src/ie9-ajax.js
@@ -0,0 +1,65 @@
+function authToUrl(url, opts) {
+  let authorization;
+
+  if (opts.headers) {
+    Object.keys(opts.headers).forEach(key => {
+      if (key.toLowerCase() === 'authorization') {
+        authorization = opts.headers[key];
+      }
+    });
+  }
+
+  if (authorization) {
+    const hashedKey = authorization.split(' ').slice(-1)[0];
+
+    try {
+      const plainKey = atob(hashedKey);
+
+      let newUrl;
+
+      if (url.indexOf('?') > -1) {
+        newUrl = `${url}&_x_http_authorization=${plainKey}`;
+      } else {
+        newUrl = `${url}?_x_http_authorization=${plainKey}`;
+      }
+
+      return newUrl;
+    } catch (e) {
+      // atob choked on non-encoded data. Therefore, not a form of auth we
+      // support.
+      //
+      // NOOP
+      //
+    }
+  }
+
+  return url;
+}
+
+function ie9Ajax(method, url, opts) {
+  return new Promise(function (resolve, reject) {
+    const xdr = new XDomainRequest();
+
+    xdr.onload = function () {
+      try {
+        const json = JSON.parse(xdr.responseText);
+
+        resolve({ json, originalResponse: xdr, isJSON: true });
+      } catch (e) {
+        resolve({ text: xdr.responseText, originalResponse: xdr, isText: true });
+      }
+    };
+
+    function handleError() {
+      reject(new Error('There was an error with the XDR'));
+    }
+
+    xdr.onerror = handleError;
+    xdr.ontimeout = handleError;
+
+    xdr.open(method, authToUrl(url, opts));
+    xdr.send(opts.data);
+  });
+}
+
+export default ie9Ajax;