I'm trying to authorise an AJAX query based on this tutorial. It sets the request headers before send with the appropriate authorisation information by using the Crypto library. The problem I'm having is that headers don't seem to be set on request. Here's my code:
beforeSend : function(xhr) {
var bytes = Crypto.charenc.Binary.stringToBytes(username + ":" + password);
var base64 = Crypto.util.bytesToBase64(bytes);
xhr.setRequestHeader("Authorization", "Basic " + base64);
},
The issue was not setting the dataType to JSONP. As this was not done the browser interpreted the call as a standard AJAX request which meant it was being blocked under same-origin-policy.
Working code for reference (credit goes to @pdeschen for suggesting Crpyto):
<script type='text/javascript'>
// define vars
var username = '';
var password = '';
var url = '';
// ajax call
$.ajax({
url: url,
dataType : 'jsonp',
beforeSend : function(xhr) {
// generate base 64 string from username + password
var bytes = Crypto.charenc.Binary.stringToBytes(username + ":" + password);
var base64 = Crypto.util.bytesToBase64(bytes);
// set header
xhr.setRequestHeader("Authorization", "Basic " + base64);
},
error : function() {
// error handler
},
success: function(data) {
// success handler
}
});
</script>