Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RestAdapter does not allow to set the XHR withCredentials flag #4563

Closed
saerdnaer opened this issue Sep 30, 2016 · 3 comments
Closed

RestAdapter does not allow to set the XHR withCredentials flag #4563

saerdnaer opened this issue Sep 30, 2016 · 3 comments

Comments

@saerdnaer
Copy link

The current REST XHR implementation in

data/addon/adapters/rest.js

Lines 1332 to 1357 in 16cf35d

_requestToJQueryAjaxHash(request) {
const hash = {};
hash.type = request.method;
hash.url = request.url;
hash.dataType = 'json';
hash.context = this;
if (request.data) {
if (request.method !== 'GET') {
hash.contentType = 'application/json; charset=utf-8';
hash.data = JSON.stringify(request.data);
} else {
hash.data = request.data;
}
}
var headers = request.headers;
if (headers !== undefined) {
hash.beforeSend = function(xhr) {
Object.keys(headers).forEach((key) => xhr.setRequestHeader(key, headers[key]));
};
}
return hash;
},
does not support APIs which require client certificates.

The old way was to override the ajax method, and set hash.xhrFields = { withCredentials: true }; (compare http://stackoverflow.com/a/32864639 ) but overriding the ajax method is now deprecated.

Side node: Acually, in some browsers which do not correctly implement the specification (e.g. Chrome 53), APIs requiring client certs still work – however this is a bug.
@CrshOverride
Copy link

@saerdnaer - I had the same issue. After looking at the source, I was able to override the _requestToJQueryAjaxHash private method as a workaround until a proper solution is proposed:

  _requestToJQueryAjaxHash(request) {
    let hash = this._super(request);
    hash.xhrFields = hash.xhrFields || {};
    hash.xhrFields.withCredentials = true;
    return hash;
  }

@wecc
Copy link
Contributor

wecc commented Oct 20, 2016

Until emberjs/rfcs#171 is a reality I think jQuery.ajaxSetup or jQuery. ajaxPrefilter is the best option.

@runspired
Copy link
Contributor

We removed the ds-improved-ajax feature that was the focus of RFC 171 because ultimately the RFC failed to address a number of issues around providing enough context to adequately build out requests. We're currently working on a new request concept to replace both that RFC and the existing adapter API to resolve these limitations. In the mean time, hooking into either Adapter.ajax or Adapter.ajaxOptions is usually the best bet for customization of this nature.

saerdnaer added a commit to s2labs/vsl-web-ui2 that referenced this issue Jun 1, 2019
@saerdnaer
workaround for to get xhr to send credentials
6c9bc0f 
see also: emberjs/data#4563
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@saerdnaer @runspired @wecc @CrshOverride