search

yashints / ngx-pass-strength

Measure your password strength powered by Angular Library
https://www.npmjs.com/package/ngx-pass-strength
MIT License
0 stars 5 forks source link

Api call to pwnedPassword is not allowed #1

Open sachin5590 opened 5 years ago

sachin5590 commented 5 years ago

Hi, When I try to use the library the following way:

<input class="form-control" type="password" name="password" [(ngModel)]="password"> <ngx-pass-strength [passwordToCheck]="password">

I am getting this error: Access to XMLHttpRequest at 'https://api.pwnedpasswords.com/range/25A38' from origin 'http://localhost:4200' has been blocked by CORS policy: Request header field authorization is not allowed by Access-Control-Allow-Headers in preflight response.

Can you please help in solving the issue.

sachin5590 commented 5 years ago

Oh. I found the problem. The problem was that we are using custom interceptor, which blocked the url. When I add if condition to it for your url, it is working. But if in future, the api url for pwnedpasswords changes, then again application will break. So can you export the api, so even if api changes and you update the module, the application will still run. Also can you add a variable, with which user can show/hide the message: "Credits to Have I Been Pwned APIs.".

yashints commented 5 years ago

Thanks for raising this issue @sachin5590 , I will consider this and get back to you once I made my mind. Have to understand the side effects of exposing the API first