Authentication should support CORS
See original GitHub issueI am going to be brief with my bug report. If you need a more thorough description, let me know.
I am assuming that to properly handle the client’s request to /pusher/auth
I need to use cookies.
I expected that I could have pusher-js authenticate against my backend HTTP service across origins. I realized that the requests to /pusher/auth
did not contain any cookies. Upon further inspection, I found that the pusher-js makes a new XHR object to send to the authentication endpoint of my service. This XHR object does not touch the withCredentials
field which, I believe, is required for CORS.
My request is that you provide support for authenticating across origins. Perhaps that is by setting the withCredentials
field.
Issue Analytics
- State:
- Created 10 years ago
- Comments:6 (1 by maintainers)
Top Results From Across the Web
Cross-Origin Resource Sharing (CORS) - MDN Web Docs
The CORS mechanism supports secure cross-origin requests and data ... as Cookies and HTTP Authentication) should be sent with requests. CORS ...
Read more >Authoritative guide to CORS (Cross-Origin Resource Sharing ...
An in-depth guide to Cross-Origin Resource Sharing (CORS) for REST APIs, on how CORS works, and common pitfalls especially around security.
Read more >CORS Tutorial: A Guide to Cross-Origin Resource Sharing
TL;DR: In this article, we'll take a look at CORS, the circumstances under which it is needed, the benefits it provides, and how...
Read more >CORS and Windows Authentication - brockallen
If you want to use windows authentication with CORS then a few things need to be configured properly. First on the server in...
Read more >CORS with WCF and windows authentication - Stack Overflow
Also wrote a IDispatchMessageInspector to handle the CORS preflight messages and added it as a behavior on my WCF service: no luck. It...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Today you would have to do
Hello,
Are there any plans to implement this? 4 years later, IE9 is largely irrelevant browser.
Cheers guys