i have a question regarding CORS requests with HTTP Authorization header:
It seems to me that web browser is not sending Authorization header with POST request, is there any way around this?
Here is my Angular code:
var app = angular.module('app', [])
.config(['$httpProvider', function($httpProvider) {
$httpProvider.defaults.useXDomain = true;
delete $httpProvider.defaults.headers.common['X-Requested-With'];
}]);
app.controller('ctrl', function ($scope, $http) {
$scope.insert = function () {
$http.post('http://my.api.com/Insert',
{
headers: {
'Authorization': 'Basic dGVzdDp0ZXN0',
'Content-Type': 'application/x-www-form-urlencoded'
},
data: {
'Code': 'test data'
},
withCredentials: true
});
};
});
On server side i have this in my web.config
<httpProtocol >
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Headers" value="Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With" />
<add name="Access-Control-Allow-Methods" value="GET,POST,PUT,DELETE,OPTIONS" />
<add name="Access-Control-Allow-Credentials" value="true" />
</customHeaders>
</httpProtocol>
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 做个烂人 的文章《AngularJS and Cross Domain POST》','https://www.manongdao.com/article-208113.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}