Skip to content

Commit

Permalink
Enabled xhrFields to pass the credentials on SSO authenticated enviro…
Browse files Browse the repository at this point in the history 
…nments

Additional xhrFields : { withCredentials: True} added to the connection
  • Loading branch information
@cmanaha
cmanaha committed Jan 8, 2016
1 parent 8fe463f commit ae654ee
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 0 deletions.
3 changes: 3 additions & 0 deletions _site/app.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1272,6 +1272,9 @@
return $.ajax( $.extend({
url: this.base_uri + params.path,
dataType: "json",
xhrFields:{
withCredentials: true
},
error: function(xhr, type, message) {
if("console" in window) {
console.log({ "XHR Error": type, "message": message });
Expand Down
3 changes: 3 additions & 0 deletions src/app/services/cluster/cluster.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,9 @@
return $.ajax( $.extend({
url: this.base_uri + params.path,
dataType: "json",
xhrFields:{
withCredentials: true
},
error: function(xhr, type, message) {
if("console" in window) {
console.log({ "XHR Error": type, "message": message });
Expand Down

1 comment on commit ae654ee

@sjuvonen
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This completely messed up Elasticsearch-head, as both Firefox and Chrome refuse to perform any AJAX queries without using some proxy in between, as vanilla ES passes * as the value for Access-Control-Allow-Origin, which isn't allowed with XHR authentication.

withCredentials should be set to true only when actually using credentials.

Please sign in to comment.