How to set authorization header in HTML form of GET method
P粉617237727
P粉617237727 2023-08-31 12:21:27
0
1
594
<p>I want to submit an HTML form to a server that accepts the form data in <code>queryString</code> along with the authorization header. The server then sends back the HTML document after performing some calculations on the data and authorization headers. </p> <h1>Restrictions</h1> <ol> <li>I can't use JavaScript features like AJAX or fetch because the form submission gets an HTML response that needs to be opened on the browser. </li> <li>For internal reasons, the form also requires the <code>GET</code> method. </li> </ol> <h1>Response</h1> <p>The response received is an HTML document containing JavaScript containing <code>sessionStorage.setItem('data', 'value')</code> which is scoped only to the source. The form exists in the <em>parent.example.com</em> source, and the received HTML document is in the <em>child.example.com</em> source. So we have to go to the <em>child.example.com</em> page like an HTML form redirect. </p>
P粉617237727
P粉617237727

reply all(1)
P粉851401475

Client code cannot perform this operation.

The closest way is to have the server respond to the request with a 401 Unauthorized status and a WWW-Authenticate: Basic header, which causes the browser to prompt the user for input using its native UI Credentials, and after the user enters the credentials, repeat the request using the format for Basic Authentication and add Authorization.


As Phil mentioned in the comments, it sounds like the URL you want to request is indeed not designed for direct browser navigation.

Rather than trying to solve this problem, you may be better off changing the authentication system to something else (such as a cookie set in response to submission of a traditional login form)

Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template