Results 1 to 9 of 9
  1.    #1  
    Hi all,

    Has anybody successfully managed to connect to a server via the XMLHttpRequest* object using username & password parameters in the open() method?

    I have the following code running in IE8** and on WebOS on the Palm emulator:

    Code:
    var req = new XMLHttpRequest();
    req.open("get", "http:192.168.1.1/test.xml", true, "myUser", "myPassword");
    req.setRequestHeader("Content-Type", "text/xml; charset=utf-8");
    req.onreadystatechange = function() { 
        if (req.readyState == 4) {
             console.log('status: ' + req.status + req.statusText + '\nResponse: ' + req.responseText);
        }
    }
    req.send(null);
    The webserver is IIS set up with basic authentication on the root. If I run the code above from a PC the hit registers on IIS and returns status 200, if I run it from the Pre it never gets there and returns status 0.

    I have verified connectivity and the general usage of the code by turning authentication off and removing the username and password from the code and I get the same result on both my Pre and my PC.

    Is this a bug in the Pre's handling of XHR with credentials?

    * Ajax.request as far as I can see doesn't accept these to pass on to the underlying XHR.

    ** I'm using IE8 because other modern browsers flat out refuse to send cross-domain XHR requests where-as IE8 gives you a warning but lets you. I have verified the code above works in both chrome and firefox in another environment (where the remote service was on the same host but sandboxed) to make sure it wasn't some magic happening in IE8 for me.
  2. #2  
    "http:192.168.1.1/test.xml"

    Is that line right? Shouldn't it be "http://" ?
  3.    #3  
    Yes, you're right. The board stripped those from the post I think - it won't let me put them in (and post a link) 'til my post count is 10 or more
  4. #4  
    Quick question....why are you using HTTP authentication anyway? From my quick google search, it seems that AJAX & HTTP authentication is buggy at best. You could alternatively use a dynamic php script that performs the necessary authentication with sessions.
  5.    #5  
    Because the webservices I'm trying to consume are hosted on sites secured by basic http authentication. php or other server side technologies don't really come into it as far as I can see. I wouldn't want to put any scripts on the target machines (or be able to in some cases).
  6. #6  
    I was getting that back from a request I make, and the info was being sent back to me in responseTEXT. Have you checked all of the return variables and not just the status?
    WOG Dev - WebOS Group http://www.WebOSGroup.com
    PMP Dev - http://www.PimpMyPre.com
    Apps: WOG O.S.K., WOG Card Keeper, WOG Glowstick, WOG Kid Protect, PreLoad, PimpMySounds
  7.    #7  
    Yeh, like I say the code works fine without the username and password against anonymous-enabled hosts. As soon as you turn on basic authentication on the host and try to supply a username and password, it returns status 0.

    I'd seen a post before mentioning the oddity where it returns 0 when successful so I kept a close eye on that.
  8.    #8  
    I found a couple of threads from people on the developer.palm.com forums who'd had success connecting using basic auth. I've kind of answered my above question but I'll post a full reply and highlight what I've found when I've fully explored the solution.

    Thanks to anybody who looked at this so far.
  9.    #9  
    I've done some more digging. There were a couple of things in my production code missing from the example which caused failures.

    1) The username for one server I was connecting to had an @ in it, this seems to cause webos to not bother sending the request.
    2) Another server I was testing was using NTLM authentication, using a normal browser I get 3 challenges/responses when using NTLM then the content is delivered. The pre appears to send 2 and then gives in with 401 not authenticated.

    Can anybody confirm these findings? Has anybody connected via NTLM or with a username with an @ in it?

Tags for this Thread

Posting Permissions