PhantomJS Bug and RxDom.DOM.ajax() Basic Authorization

[skoppe]

This is all due to some bug in PhantomJS.

What happens is that PhantomJS strips the Authorization Header.

To fix, change you call to ajax() from:

RxDom.DOM.ajax({url:"http://example.com",user:"noob",password:"123456",headers:{"Authorization":api.auth}});

to:

RxDom.DOM.ajax({url:"http://example.com",headers:{"Authorization":"Basic "+btoa("noob:123456")}});

Watchout, btoa is not supported on <= IE 9. Use some other base64 encoding script in case you need IE9 support.

If RxJS-DOM could detect Phantom-JS environment it might auto-apply this workaround.

[mattpodwysocki]

@skoppe unfortunately, I don't think I can detect if I'm in a broken environment for basic auth, although I'd love to know. Closing for now unless someone else has an answer.

[skoppe]

Yeah, there seems to be only hacks to detect PhantomJS. Although a combo would provide good detection rate, it feels brittle.

Correct me I am wrong, but I suspect RxDOM puts the user and password options in the uri (http://noob:123456@example.com), and lets the browser create the Authorization header. In that case RxDOM could always create the Authorization header itself.

[mattpodwysocki]

@skoppe we do nothing more than setting the user name and password as specified in the xhr.open method

[skoppe]

Of course, that is the way to set it. Sorry, not enough JS programming lately :)

Still, the same solution applies.

xhr.open(method,uri,async);
xhr.setRequestHeader("Authorization","Basic "+btoa(user+":"+password));
xhr.send();

Although like I said before, btoa isn't supported on <= IE 9. I don't know if that is a problem. In that case you would need to pull in a base64 encoder.

[mattpodwysocki]

@skoppe luckily btoa is easily polyfilled if necessary such as what we did here: https://github.com/Reactive-Extensions/RxJS-DOM/blob/master/tests/helpers/btoa.js