Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Authentication should support CORS

See original GitHub issue

I am going to be brief with my bug report. If you need a more thorough description, let me know.

I am assuming that to properly handle the client’s request to /pusher/auth I need to use cookies.

I expected that I could have pusher-js authenticate against my backend HTTP service across origins. I realized that the requests to /pusher/auth did not contain any cookies. Upon further inspection, I found that the pusher-js makes a new XHR object to send to the authentication endpoint of my service. This XHR object does not touch the withCredentials field which, I believe, is required for CORS.

My request is that you provide support for authenticating across origins. Perhaps that is by setting the withCredentials field.

Issue Analytics

  • State:closed
  • Created 10 years ago
  • Comments:6 (1 by maintainers)

github_iconTop GitHub Comments

20reactions
fiatjafcommented, Jun 16, 2016

Today you would have to do

Pusher.Runtime.createXHR = function () {
  var xhr = new XMLHttpRequest()
  xhr.withCredentials = true
  return xhr
}
19reactions
tadas-scommented, Oct 25, 2017

Hello,

Are there any plans to implement this? 4 years later, IE9 is largely irrelevant browser.

Cheers guys

Read more comments on GitHub >

github_iconTop Results From Across the Web

Cross-Origin Resource Sharing (CORS) - MDN Web Docs
The CORS mechanism supports secure cross-origin requests and data ... as Cookies and HTTP Authentication) should be sent with requests. CORS ...
Read more >
Authoritative guide to CORS (Cross-Origin Resource Sharing ...
An in-depth guide to Cross-Origin Resource Sharing (CORS) for REST APIs, on how CORS works, and common pitfalls especially around security.
Read more >
CORS Tutorial: A Guide to Cross-Origin Resource Sharing
TL;DR: In this article, we'll take a look at CORS, the circumstances under which it is needed, the benefits it provides, and how...
Read more >
CORS and Windows Authentication - brockallen
If you want to use windows authentication with CORS then a few things need to be configured properly. First on the server in...
Read more >
CORS with WCF and windows authentication - Stack Overflow
Also wrote a IDispatchMessageInspector to handle the CORS preflight messages and added it as a behavior on my WCF service: no luck. It...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

TypeError: undefined is not an object (evaluating 'this._callbacks')

Next page

Children of experiment are not updating