How to prevent / override authorization header in Safari?

Question

How to prevent / override authorization header in Safari?

I have a webpage under / that requires Basic auth. /api/* uses the REST API, which requires the JWT token passed in the authorization header.

It works fine in Chrome: when loading a webpage, it asks me for the basic credentials, and then the webpage makes AJAX requests to /api/* along with the JWT in the authorization header.

In Safari, however, all AJAX requests are sent with the Authorization header set to Basic credentials and do not allow JWT to be installed in the authorization header ...

Is there any workaround for this situation?

I install JWT for AJAX requests as follows:

 $.ajaxSetup({ headers: {'Authorization': accessToken} });

+7

javascript jquery safari ajax

user606521 Apr 22 '16 at 9:06

source share

1 answer

Anton Shurashov · Answer 1 · 2017-03-02T15:03:58+0000

I had this problem and probably this is a bug in Safari.

Request from Safari:

The same query in Wireshark:

Solution: do not use basic auth or change the name of the authorization header (for example, use X-My-Api-Auth ).

How to prevent / override authorization header in Safari?

More articles: