Page 2 of 2 FirstFirst 12
Results 11 to 13 of 13

Thread: Authorization header not sent on preflight OPTIONS request

  1. #11
    Sencha Premium User
    Join Date
    May 2015
    Posts
    5

    Default

    > I started a new post on Stackoverflow, since I do not think this is an ExtJS/CORS issue.

    I'm having a similar issue-- I'd be interested in a link to your StackOverflow post. Thanks!

  2. #12

    Default

    So far I have gotten no responses. The thread is here: http://stackoverflow.com/questions/3...ith-basic-auth

    I do know that basic auth works directly through the API (python/flask) on all browsers, so it definitely has to do with Ajax. Haven't had much time to look into it lately though.

  3. #13

    Join Date
    Dec 2013
    Location
    Italy
    Posts
    88

    Default

    I think that the OPTION pre-flight must only contains the request header names, not values, as a list in the "Access-Control-Request-Headers" header.

    https://developer.mozilla.org/en-US/...equest-Headers

    Code:
    Ext.Ajax.request({
        url: 'https://www.googleapis.com/plus/v1/people/me/activities/public',
        method: 'GET',
        useDefaultXhrHeader: false,
        cors: true,
        headers: {
            'Authorization': 'Bearer asdasd67as6d78as6'
        }
    });
    This code produces an OPTION request with
    Code:
    access-control-request-headers: authorization, x-requested-with
    and then a GET request with
    Code:
    authorization: Bearer asdasd67as6d78as6

Page 2 of 2 FirstFirst 12

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •