About jQuery XMLHttpRequest CORS GET request?

Question

I've to append a custom Authentication header (among others) to all of my jQuery Ajax requests.

I know that this can be accomplished using:

beforeSend(jqXHR, settings) Function

A pre-request callback function that can be used to modify the jqXHR (in jQuery 1.4.x, XMLHTTPRequest) object before it is sent. Use this to set custom headers, etc. The jqXHR and settings maps are passed as arguments.

However, reading the XMLHttpRequest object documentation (superset of the XMLHTTPRequest object) there is a line that actually scares me:

Note that AJAX functions only return or pass an XHR object when an XHR object is actually used in the request. For example, JSONP requests and cross-domain GET requests use a script element rather than an XHR object.

What's the meaning of CORS GET requests uses a script rather than an XHR object? Does it means that setting custom headers is not possible with GET requests?

Answer 1

Sending custom headers should be possible in a GET request - JSONP uses script injection (a script tag is inserted in your document dynamically) rather than XMLHttpRequest