When this is working, it should allow the browser to negotiate Windows
Authentication properly correct?
I'm testing this change out in an Ionic2 app to allow CORS ajax requests to
negotiate NTLM auth. No luck yet.
On Friday, January 8, 2016 at 2:14:49 PM UTC-5, Martin Wawrusch wrote:
>
> I mean IT DOES WORK ;-)
>
>
>
> On Friday, January 8, 2016 at 11:12:03 AM UTC-8, Martin Wawrusch wrote:
>>
>> Tried this in bootstrap but it doesn't work
>>
>> HTTP_PROVIDERS,
>> provide(BrowserXhr, {useClass:CORSBrowserXhr}),
>>
>>
>>
>> On Friday, January 8, 2016 at 10:58:29 AM UTC-8, Barry Rowe wrote:
>>>
>>> I'm looking to solve this as well. Hopefully we can find a workaround
>>> using the above until the fix is released.
>>>
>>> On Friday, January 8, 2016 at 1:46:14 PM UTC-5, Martin Wawrusch wrote:
>>>>
>>>> So at this point I think replacing the BrowserXhr is the way to go,
>>>> like so:
>>>>
>>>> @Injectable()
>>>> export class CORSBrowserXHr extends BrowserXhr {
>>>>
>>>> build(): any {
>>>> var x:any = super.build();
>>>> x['withCredentials'] = true;
>>>> return x;
>>>> }
>>>> }
>>>>
>>>> Now the million dollar question: How and where (bootstrap.ts?) do I
>>>> inject this so that Http picks it up?
>>>>
>>>>
>>>>
>>>> On Friday, January 8, 2016 at 9:03:24 AM UTC-8, Martin Wawrusch wrote:
>>>>>
>>>>> The browser xhr or fetch must be configured to enable the credentials
>>>>> to be sent to the server, that's not happening by default. When using
>>>>> fetch
>>>>> one would do this:
>>>>>
>>>>> return window.fetch(that.baseUrl + urlSegment +
>>>>> that._utilQueryStringService.querystring(query), {
>>>>> method: 'GET',
>>>>> credentials: 'include',
>>>>> headers: {
>>>>> 'Accept': 'application/vnd.layer+json; version=1.0',
>>>>> 'Authorization': 'Layer session-token="' +
>>>>> that._layerSessionToken + '"',
>>>>> 'Content-type': 'application/json'
>>>>> }
>>>>>
>>>>> or with xhr you would do
>>>>> _xhr.withCredentials = true;
>>>>>
>>>>>
>>>>> There is this patch in the angular 2 source which does not seem to be
>>>>> in the beta:
>>>>>
>>>>>
>>>>> https://github.com/robwormald/angular/commit/547ea806b881969ded22d4c2880d403f0393bbab
>>>>>
>>>>> So I was wondering what the currently recommended way of dealing with
>>>>> this is at this point.
>>>>>
>>>>>
>>>>> On Friday, January 8, 2016 at 8:45:20 AM UTC-8, Manfred Steyer wrote:
>>>>>>
>>>>>> Hi Martin,
>>>>>>
>>>>>> do you mean the Credentials within the Authorization-Header in this
>>>>>> sample?
>>>>>>
>>>>>> In this case, you don't have to do anything on clientside but only
>>>>>> activate headers on serverside with your CORS-Solution.
>>>>>>
>>>>>> Wishes,
>>>>>> Manfred
>>>>>>
>>>>>> Am Freitag, 8. Januar 2016 17:41:06 UTC+1 schrieb Martin Wawrusch:
>>>>>>>
>>>>>>> Quick question,
>>>>>>> I need to incorporate the credentials in requests so that CORS is
>>>>>>> supported. How exactly do I do that with the beta version of Angular 2.
>>>>>>>
>>>>>>> Code:
>>>>>>>
>>>>>>> var headers = new Headers();
>>>>>>> headers.append('Accept', 'application/json');
>>>>>>> headers.append('Content-Type', 'application/json');
>>>>>>> headers.append('Authorization', 'Bearer ' +
>>>>>>> this._tokenService.accessToken);
>>>>>>>
>>>>>>> //var credentials: RequestCredentialsOpts.Include ????
>>>>>>>
>>>>>>> return this._http.get(finalUrl,{headers: headers});
>>>>>>>
>>>>>>>
>>>>>>>
--
You received this message because you are subscribed to the Google Groups
"AngularJS" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/angular.
For more options, visit https://groups.google.com/d/optout.
