You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Using the latest Firefox Developer Edition (111.0b8), & Axios 0.2.7, Authorization headers set in an interceptor are not being sent with the request. This does not occur in Chrome or regular stable Firefox. Doing some research, I found that changing these new settings in about:config makes it work again.
Specifically, setting network.fetch.redirect.stripAuthHeader = false makes it work for me again, the other setting has no effect.
It seems Firefox has implemented a new spec for the Fetch protocol which requires stripping the Authorization header in certain circumstances, & their change was too aggressive & a patch was added, but I'm still getting the problem with the patched version. Here is where I found the new settings & new behavior: https://bugzilla.mozilla.org/show_bug.cgi?id=1817980
Supposedly , the stripping only occurs when the browser receives a redirect to a different origin response back from the server. However, that is not the case in my situation, I get a 200 response back, & the SPA using Axios & the API server Axios is calling are on the same subdomain & https protocol, so there should be no cross-origin issues.
Anybody know how to make Authorization headers set in Axios interceptors work with this new behavior?
Example Code
No response
Expected behavior
No response
Axios Version
0.2.7
Adapter Version
No response
Browser
Firefox Developer
Browser Version
111.0b8
Node.js Version
No response
OS
No response
Additional Library Versions
No response
Additional context/Screenshots
No response
The text was updated successfully, but these errors were encountered:
I solved this in my case. I had a bug in my code. One of the URLs was http rather than https, & my server is configured to automatically redirect http to https, thus triggering this behavior.
Describe the issue
Using the latest Firefox Developer Edition (111.0b8), & Axios 0.2.7, Authorization headers set in an interceptor are not being sent with the request. This does not occur in Chrome or regular stable Firefox. Doing some research, I found that changing these new settings in
about:config
makes it work again.Specifically, setting
network.fetch.redirect.stripAuthHeader = false
makes it work for me again, the other setting has no effect.It seems Firefox has implemented a new spec for the Fetch protocol which requires stripping the Authorization header in certain circumstances, & their change was too aggressive & a patch was added, but I'm still getting the problem with the patched version. Here is where I found the new settings & new behavior: https://bugzilla.mozilla.org/show_bug.cgi?id=1817980
Supposedly , the stripping only occurs when the browser receives a redirect to a different origin response back from the server. However, that is not the case in my situation, I get a 200 response back, & the SPA using Axios & the API server Axios is calling are on the same subdomain & https protocol, so there should be no cross-origin issues.
Anybody know how to make Authorization headers set in Axios interceptors work with this new behavior?
Example Code
No response
Expected behavior
No response
Axios Version
0.2.7
Adapter Version
No response
Browser
Firefox Developer
Browser Version
111.0b8
Node.js Version
No response
OS
No response
Additional Library Versions
No response
Additional context/Screenshots
No response
The text was updated successfully, but these errors were encountered: