chrome 401 unauthorized javascript login

2018-06-07 06:35:47

I'm currently developing a chrome extension, I need to access some http-auth protected resources (webdav). The HTTP auth is using (in the best case) a digest authentication.

The issue is : if the login/password is wrong, I can't just get a 401 status (unauthorized), Chrome pops up the regular authentication dialog. Which I don't want cause it's confusing for user and I can't save the credentials from here.

EDIT: Another use-case I faced is : I want to check if a resource is password-protected without trying to provide credentials to actualy access it.

Any ideas on how to catch the 401 without poping the Chrome's auth box ?

I try using this function:

function autoLogin(domain, user, password) {
        var httpAuth;

        if (window.XMLHttpRequest) {
            httpAuth = new XMLHttpRequest(); // code for IE7+, Firefox, Chrome, Opera, Safari
        }
        else if (window.ActiveXObject) {
            httpAuth = new ActiveXObject("Microsoft.XMLHTTP"); // code for IE6, IE5
        }
        else {
            alert("Seu browser não suporta autenticação xml. Favor autenticar no popup!");
        }

        var userName = domain + "" + user;

        httpAuth.open("GET", "/_layouts/settings.aspx", false, userName, password);
        httpAuth.onreadystatechange = function () {
            if (httpAuth.status == 401) {
                alert("wrong");
                eraseCookie('AutoLoginCookieUserControl_User');
                eraseCookie('AutoLoginCookieUserControl_Password');
            }
            else {
                if ($(".pnlLogin").is(':visible')) {
                    $(".pnlLogin").hide();
                    $(".pnlUsuario").css("display", "block");
                    $(".avatar").css("display", "block");
                    var name = $().SPServices.SPGetCurrentUser({ fieldName: "Title" });
                    $(".loginNomeUsuario").html("Seja Bem Vindo(a) <br />" + name);
                }
            }
        }

        try {
            httpAuth.send();
        }
        catch (err) {
            console.log(err);
        }
    }

链接地址: http://www.djcxy.com/p/22312.html

上一篇: XMLHttpRequest（）＆net :: ERR

下一篇: Chrome 401未经授权的JavaScript登录