views:

28

answers:

2

Hi,

I'd like to check if a URL is protected by a Http Basic Authentication using javascript. Here is what I have so far :

  function showFailure(){ alert("FAILED ") }
  function showSuccess(){ alert("SUCCESS") }

  var myRequest = new Request({
    url: 'http://localhost/access_protected_HTTP_BASIC', 
    method: 'get', 
    onSuccess: showSuccess,
    onFailure: showFailure
  }).send();

But that actually opens the browser login popup to access the resource. Is there a way not to trigger that popup?

Thanks!

Note : I use mootools in this example but I'd take any javascript example that does the trick :)

A: 

all you should need to do is add a header Authorization: Basic *Base64EncodedString* where *Base64EncodedString* is base64Encode(username+':'+password) it should be easy enough to find a base64encode function out there. YMMV

tobyodavies
+1  A: 

Based on the answer to a similar question, you can manually pass a username and password when sending a request. (And according to the MooTools Docs, the user and password parameters do exactly this.)

Further, the XMLHttpRequest spec says:

If authentication fails, Authorization is not in the list of author request headers, request username is non-null, and request password is non-null, user agents must not prompt the end user for their username and password.

This means you can set a dummy username and password, and the browser won't prompt the user. If you get back a 401 status code, it means authorization is required.

casablanca
Exactly what I needed :) Thanks
Nhaolio