c# - Authorization Header is null when making jQuery Ajax request -


i have went through pretty of articles can find , followed suggested , somehow when processing request on server side authorization header null.

the back-end asp.net mvc web api , i've implemented filter authentication. i've tried using postman , setup authorization header , have verified back-end code works.

however, can't seem make work via ajax call in jquery.

here jquery ajax request:

//do ajax call api     $.ajax({         url: "http://localhost:55602/api/evaluatetableexpression?callback=?",         type: "get",         data: "json=" + escape(json.stringify({             "fdml": "hr.employee emp { emp.id, emp.firstname, emp.prsname }"         })),         datatype: "jsonp",         beforesend: function(request) {             request.setrequestheader("authorization", "basic " + btoa("master:servant"));         },         success: function(data, status) {              console.log(data);              if (!data.errorsoccurred) {                 var header = data.value.header.columns;                 var records = processrecords(header, data.value.rows.rows);                 rendergrid(header, records, $("#employeegrid"));             }         },         error: function(xhr, textstatus, errorthrown){             console.log(errorthrown);         }     });

and below snippet of code processes request...

public override void onauthorization(httpactioncontext actioncontext)     {         // in case user authorized using forms authentication         // check header basic authentication         if (thread.currentprincipal.identity.isauthenticated) return;          var authheader = actioncontext.request.headers.authorization;         if (authheader != null)         {             if (authheader.scheme.equals("basic", stringcomparison.ordinalignorecase) &&                 !string.isnullorwhitespace(authheader.parameter))                  if (authenticateuser(authheader)) return;         }          handleunauthorizedrequest(actioncontext);     }

when inspect actioncontext.request.header, can see authorization value null.

what doing wrong here? in advance.

edit: including settings in web.config file might figure out what's causing problem.

<httpprotocol>   <customheaders>     <add name="access-control-allow-origin" value="*" />     <add name="access-control-request-headers" value="authorization, content-type"/>     <add name="access-control-allow-headers" value="content-type, authorization" />     <add name="access-control-allow-methods" value="post, get, options" />   </customheaders> </httpprotocol>  <authentication mode="forms" />

edit: below raw http request

get /api/evaluatetableexpression?callback=jquery21109280835636891425_1403905133542&j‌​son=%7b%22fdml%22%3a%22hr.employee%20as%20emp%20%7b%20emp.id%2c%20emp.firstname%2‌​c%20emp.prsname%20%7d%22%7d&_=1403905133544  http/1.1 host: localhost:55602  connection: keep-alive  accept: / user-agent: mozilla/5.0 (windows nt 6.3; wow64) applewebkit/537.36 (khtml, gecko) chrome/35.0.1916.153 safari/537.36 referer: localhost/fdmweb accept-encoding: gzip,deflate,sdch accept-language: en-us,en;q=0.8

edit: seems has doing cross origin request. when comment out datatype: "jsonp" attribute on ajax call, can see authorization header being set. problem is, how set header when expecting jsonp result or doing cors?

to solve problem need this

  1. remove custom headers web.config
  2. add reference in web api project:

    system.web.http.cors

  3. add following line code inside register method of webapiconfig class.

    config.enablecors();

  4. add following attribute in controller(s)

    [enablecors(origins: "", headers: "", methods: "*", supportscredentials = true)]


Comments

Post a Comment

Popular posts from this blog

javascript - RequestAnimationFrame not working when exiting fullscreen switching space on Safari -

request animation frame stops working when exiting fullscreen clicking on original space's safari window. fine if fullscreen mode canceled escape key or calling cancelfullscreen(). steps reproduce: open https://dl.dropboxusercontent.com/u/769042/prezi/safari-fullscreen.html click "draw raf", kittie appears click "fullscreen", go fullscreen click "draw raf", kittie appears go space original safari was, showing "click exit fullscreen mode", click anywhere, out fullscreen click "draw raf", nothing happens what handling click calling: window.requestanimationframe(draw); which draws on canvas context: function draw() { ctx.drawimage(img, math.random()*500|0, math.random()*400|0, 100, 100); } i checked .hidden , .visibilitystate, updated correctly. tested on osx 10.9.3, safari 7.0.4 (9537.76.4). has workaround/solution other switching old settimeout? this sounds webkit bug 88940 : using reque
Read more

Python ctypes access violation with const pointer arguments -

i have api i'm trying wrap in python (2.7.6 on win7) code using ctypes. here's api: client_dllfunc bool clientapi search_exporttoclipcopy(clienthsearch handle, int channel, lpctstr filename, const time_t& from, const time_t& to, const bool* cameras, int length, bool usepassword, lpctstr password, bool includetextin = false, bool excludeplayer = false); the issue i'm having cameras argument; , i've had issue other const pointer arguments well. here's how i'm wrapping api: def search_exporttoclipcopy(self, hsearch, csearch, filename, tfrom, tto, cameras, length, usepassword, password, includetextin=true, excludeplayer=false): exporttoclipcopy = self.sdkdll.search_exporttoclipcopy exporttoclipcopy.argtypes = [c_int, c_int, c_wchar_p, c_long, c_long, pointer(c_bool), c_int, c_bool, c_wchar_p, c_bool, c_bool] exporttoclipcopy.restype = c_bool exporttoclipcopy(hsearch, csearch, filename, tfrom, tto, cameras, length, usepassword, pass
Read more