Basic Authentication With XMLHTTPRequest

I am attempting to use XMLHTTPRequest to get an update on twitter.

var XMLReq = new XMLHttpRequest();
XMLReq.open("GET", "http://twitter.com/account/verify_credentials.json", false, "TestAct", "password");
XMLReq.send(null);

However, using my sniffer I cannot see any authorization headers being passed through. Hence, I get a 401 error response from Twitter.

The account and password are correctly entered.

Anyone attempt this? Can anyone give me some pointers? Thank you.

Answers:

Answer

You just need to add a Authorization header, an user name and password in a base64 encoded string as follows.

XMLReq.setRequestHeader("Authorization", "Basic " + btoa("username:password"));
Answer

In cross-origin requests, you have to explicitly set the withCredentials flag if you want user credentials to be sent.

See http://www.w3.org/TR/XMLHttpRequest/#the-withcredentials-attribute (where user credentials includes HTTP authentication)

Answer

Due to the Origin policy, you cannot make a XMLHttpRequest from your domain to another domain. E.g. you cannot use http://twitter.com/... URLs unless your script was loaded from twitter.com. If your script is loaded from http://localhost/, the AJAX request also need to go to localhost.

Tags

Recent Questions

Top Questions

Home Tags Terms of Service Privacy Policy DMCA Contact Us

©2020 All rights reserved.