CODEWITHSUNDEEP
polymerpolymer-1.0
Muthu Rg
Muthu Rg

Reputation: 662

Polymer.js iron-ajax headers basic authorization not working

I'm doing a cross origin request to fetch a json response from the url which has a Basic authentication. So on tap of the button, am setting the headers for basic authentication. When I print out the values before the request has been sent I see them. But when i check the chrome dev tool for request I don't see the headers been set. Also the request turns to be an "Options" request from "GET" request and the response comes as 401 unauthorized. Is there anything am missing?

 <paper-input type="search" value="{{imageUrl}}" placeholder="Enter Image URL"></paper-input> 
  <div class="buttons">
    <paper-button on-tap="getData" autofocus>Search</paper-button>
  </div>
  <iron-ajax
  id="xhr"
  url="https://api.com/v1"
  params='{"url":"some query value"}'
  handle-as="json"
  method="GET"
  last-response="{{ajaxResponse}}"></iron-ajax>

  getData: function(){
    this.$.xhr.headers['X-Requested-With'] = "XMLHttpRequest";
    this.$.xhr.headers['Authorization'] = this.makeHeaders(this.user, this.password);
    this.$.xhr.generateRequest();
  }

Upvotes: 1

Views: 2071

Answers (1)

&#220;mit
&#220;mit

Reputation: 17489

By default iron-ajax does not send the credentials by default for cross-site requests

You can change this by setting the withCredentials property on the iron-ajax: 

<iron-ajax
  id="xhr"
  url="https://api.com/v1"
  params='{"url":"some query value"}'
  handle-as="json"
  with-credentials="true"
  method="GET"
  last-response="{{ajaxResponse}}"></iron-ajax>

or 

this.$.xhr.withCredentials = true;

Upvotes: 1

Related Questions