So at this point I think replacing the BrowserXhr is the way to go, like so:
@Injectable()
export class CORSBrowserXHr extends BrowserXhr {
build(): any {
var x:any = super.build();
x['withCredentials'] = true;
return x;
}
}
Now the million dollar question: How and where (bootstrap.ts?) do I inject
this so that Http picks it up?
On Friday, January 8, 2016 at 9:03:24 AM UTC-8, Martin Wawrusch wrote:
>
> The browser xhr or fetch must be configured to enable the credentials to
> be sent to the server, that's not happening by default. When using fetch
> one would do this:
>
> return window.fetch(that.baseUrl + urlSegment +
> that._utilQueryStringService.querystring(query), {
> method: 'GET',
> credentials: 'include',
> headers: {
> 'Accept': 'application/vnd.layer+json; version=1.0',
> 'Authorization': 'Layer session-token="' +
> that._layerSessionToken + '"',
> 'Content-type': 'application/json'
> }
>
> or with xhr you would do
> _xhr.withCredentials = true;
>
>
> There is this patch in the angular 2 source which does not seem to be in
> the beta:
>
>
> https://github.com/robwormald/angular/commit/547ea806b881969ded22d4c2880d403f0393bbab
>
> So I was wondering what the currently recommended way of dealing with this
> is at this point.
>
>
> On Friday, January 8, 2016 at 8:45:20 AM UTC-8, Manfred Steyer wrote:
>>
>> Hi Martin,
>>
>> do you mean the Credentials within the Authorization-Header in this
>> sample?
>>
>> In this case, you don't have to do anything on clientside but only
>> activate headers on serverside with your CORS-Solution.
>>
>> Wishes,
>> Manfred
>>
>> Am Freitag, 8. Januar 2016 17:41:06 UTC+1 schrieb Martin Wawrusch:
>>>
>>> Quick question,
>>> I need to incorporate the credentials in requests so that CORS is
>>> supported. How exactly do I do that with the beta version of Angular 2.
>>>
>>> Code:
>>>
>>> var headers = new Headers();
>>> headers.append('Accept', 'application/json');
>>> headers.append('Content-Type', 'application/json');
>>> headers.append('Authorization', 'Bearer ' +
>>> this._tokenService.accessToken);
>>>
>>> //var credentials: RequestCredentialsOpts.Include ????
>>>
>>> return this._http.get(finalUrl,{headers: headers});
>>>
>>>
>>>
--
You received this message because you are subscribed to the Google Groups
"AngularJS" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/angular.
For more options, visit https://groups.google.com/d/optout.
