DarianAnjuhal
commented
7 years ago I have the same issue. Do you have a solution already?
Open gregorycfrank opened 7 years ago
DarianAnjuhal
commented
7 years ago I have the same issue. Do you have a solution already?
RyamBaCo
commented
7 years ago Also experiencing the same issue. I could partially fix it by also setting the request headers in client.js at the function HAL.Http.Client.prototype.request but I wasn't able to fix all the issues since modifications in CustomPostForm.js also need to be made (to also add the headers in the upcoming get request), which appears to be part of Spring Boot.
Our fix is currently calling a custom code snippet which is overriding the Authentication header for all requests with the value from the textarea. Of course not feasible for all use cases but good enough for us right now:
$.ajaxSetup({ beforeSend: function (xhr) { xhr.setRequestHeader("Authorization",$('.request-headers textarea').val()); } });
gregorycfrank
commented
7 years ago Not sure if it relates directly to this project, but I fixed it in Spring Data REST as shown here: https://jira.spring.io/browse/DATAREST-1077
My app uses Oauth2. As a poor-man's workaround for testing I made the endpoint
/api/browser/**available to all. In the HAL Browser I've set the Custom Request Header toAuthorization:bearer {token}. Browsing the network calls in Chrome shows that the Authorization header is sent for GET requests, but not for NON-GET requests. This makes authorization for my endpoints fail for any NON-GET requests.