Javascript Cross-Domain Request Authentication

Question

Javascript Cross-Domain Request Authentication

I am trying to create a public web service (WCF / Rest) that implements basic authentication. The problem I am facing is that in order for the web service to be available, it must allow scripting from other domains. To do this, the end user will need to use JSONP to receive a response, and JSONP requests do not allow the addition of additional headers (for example, the main authentication header).

I need to be able to support IE8-10, Firefox and Chrome with this solution.

I tried changing the url:

http://username: password@Service /Endpoint/Method

but to no avail in IE10.

I also used the sentence from this post:

http://kevinkuchta.com/_site/2012/01/basic-authentication-with-jsonp/

but it doesn't seem to cut it in IE10 either.

+4

javascript jsonp cross-domain wcf

mrK Mar 22 '13 at 15:05

source share

1 answer

ruffrey · Answer 1 · 2013-04-30T14:30:06+0000

Here is an example implementation of HTTP authentication using JSONP.

It is assumed that your server will track that the user is authenticating using a cookie. You put the basic authorization credentials in the image request, do JSONP after authentication.

Alternatively, you can pass query parameters with auth parameters. They will work with JSONP. However, this is clearly not a basic HTTP request, as you requested.

Javascript Cross-Domain Request Authentication

More articles: