withCredentials is not working

[rak19]

I am passing 'withCredentials : true' for an API requiring basic API authentication. This doesn't seem to work. I am able to successfully upload on another setup of same API without credentials. CORS is set up properly on this API, other GET / POST calls ( CORS ) work on this API.

Usage :

$upload.upload({
                url: NotificationAPI.hostName + '/notification/doUpload',
                headers: {'Content-Type' : 'multipart/form-data'},
                fields: fields,
                file: file,
                withCredentials : true,
            }).

[danialfarid]

Can you compare the request headers of the two and post it here.

[rak19]

Server not requiring credentials
OPTIONS Request Headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Encoding
gzip, deflate
Accept-Language
en-US,en;q=0.5
Access-Control-Request-He...
authorization
Access-Control-Request-Me...
POST
Cache-Control
no-cache
Connection
keep-alive
Host
devices.local
Origin
http://localhost:8002
Pragma
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:37.0) Gecko/20100101 Firefox/37.0

POST REQUEST HEADERS

Accept
application/json, text/plain, /
Accept-Encoding
gzip, deflate
Accept-Language
en-US,en;q=0.5
Authorization
Basic ***************** ( base 64 string hidden )
Cache-Control
no-cache
Connection
keep-alive
Content-Length
103935
Content-Type
multipart/form-data; boundary=---------------------------8596887595189954971826227612
Cookie
ci_session=a%3A4%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2217a7af26222b79f99ca9f066d652d96c%22%3Bs
%3A10%3A%22ip_address%22%3Bs%3A9%3A%22127.0.0.1%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A82%3A%22Mozilla
%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10.10%3B+rv%3A37.0%29+Gecko%2F20100101+Firefox%2F37.0%22%3Bs%3A13
%3A%22last_activity%22%3Bi%3A1428557578%3B%7Dc19d866f307c9cae7e73cdd0b51c5c08
Host
devices.local
Origin
http://localhost:8002
Pragma
no-cache
Referer
http://localhost:8002/app/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:37.0) Gecko/20100101 Firefox/37.0

[rak19]

Server requiring credentials

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Encoding
gzip, deflate
Accept-Language
en-US,en;q=0.5
Access-Control-Request-He...
authorization
Access-Control-Request-Me...
POST
Cache-Control
no-cache
Connection
keep-alive
Host
devices.local
Origin
http://localhost:8002
Pragma
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:37.0) Gecko/20100101 Firefox/37.0

[danialfarid]

You won't need headers: {'Content-Type' : 'multipart/form-data'}, in your code.
The request does have authorization header for the upload request so the plugin does send the credentials.

[rak19]

Yes, looks like. Still I get 401 authorized. I wrote a bare vanilla file upload using http.post today and this worked. Attaching code here.

$http.post(uploadUrl, fd, {
transformRequest: angular.identity,
headers: {'Content-Type': undefined},
withCredentials: true
}).success(function (data, status, headers, config) {
$scope.closeThisDialog('test');
var r = angular.fromJson(data);
$scope.selected_file.file_url = r.file_url;
}).error(function(){
});

[danialfarid]

Compare the authorization header between the working http.post and upload and see if that gives you a clue.

[rak19]

These three headers are not send in case of upload : Authorization, Cookie and Content-Type. Here is how I am invoking upload after your suggestions.

$upload.upload({
url: NotificationAPI.hostName + '/notification/doUpload',
fields: fields,
file: file,
withCredentials: true
})

[rak19]

The config object just before http call ( Line:70 angular-file-upload-all.js ) has withCredentials : true.

[danialfarid]

What browser/version?

[rak19]

Firefox latest version, I guess 36/37.