×

Discussion Board

Results 1 to 10 of 10
  1. #1
    Registered User
    Join Date
    Dec 2009
    Posts
    5

    Serious issue with basic authentication via ajax, seems to be a bug!

    After testing my widget to the devices mentioned at the bottom of the message I concluded that,

    -WRT widgets do not support http HEAD requests.
    -when using http basic authentication (ajax) the s60 platform prompts for authentication even
    when I pass the correct credentials via http headers.This happens on Nokia N97, Nokia 5800 XpressMusic,
    Nokia 5230 but not in Nokia E52.

    Authentication header example:

    xmlHttp.setRequestHeader("Authorization", 'Basic '+(Base64.encode(USERNAME+':'+PASSWORD))+'');

    -also on basic authentication (ajax) when the user enters wrong credentials the platform prompts authentication
    on all devices.

    Devices tested:

    1) Nokia N97
    2) Nokia 5800 XpressMusic
    3) Nokia 5230
    4) Nokia E52

    (All devices are firmware updated the via the Nokia Device Update feature in the Phone Management screen)

    There are two more threads mentioning this issue, and there was no progress to sort this out.

    Your help is much appreciated,
    Thanks

  2. #2
    Registered User
    Join Date
    Sep 2008
    Location
    Manaus, Brazil
    Posts
    109

    Re: Serious issue with basic authentication via ajax, seems to be a bug!

    Hi loukas,

    This bug is really serious, WRT doesn't allow to set HTTP header request. Actually, the new firmwares in N97 allows, however I believe it will be fix in CWRT (WRT to Maemo platform) and in other firmwares update S60 3th and 5th.

    I developed a widget which it was necessary to set http header in oauth authentication, I made a workaround and worked.

    Javier
    Javier Zambrano Ferreira

  3. #3
    Registered User
    Join Date
    Dec 2009
    Posts
    5

    Re: Serious issue with basic authentication via ajax, seems to be a bug!

    Hi jzferreira,

    Thanks for your reply!

    It would be much appreciated if you could share your workaround...

    Thanks,
    Loukas

  4. #4
    Registered User
    Join Date
    Sep 2008
    Location
    Manaus, Brazil
    Posts
    109

    Re: Serious issue with basic authentication via ajax, seems to be a bug!

    The workaround is proxy
    Javier Zambrano Ferreira

  5. #5
    Registered User
    Join Date
    May 2010
    Posts
    2

    Re: Serious issue with basic authentication via ajax, seems to be a bug!

    I think that the problem is related to the fact that Nokia WRT now does not support customized header.
    Interesting, plenty of google applications, such as google spreadsheet, now provides API for web applications. Without supporting the customized headers, Nokia WRT can work only with public docs/sites and so on.

  6. #6
    Registered User
    Join Date
    Apr 2010
    Location
    Rosario, Argentina
    Posts
    38

    Re: Serious issue with basic authentication via ajax, seems to be a bug!

    Hi Javier, do you have an example on how to authenticate with oauth? I can't get my widget to connect with oauth.
    Thanks
    Pam

  7. #7
    Registered User
    Join Date
    Jun 2010
    Posts
    13

    Re: Serious issue with basic authentication via ajax, seems to be a bug!

    By the way, WRT blocks not all HTTP headers, but some that were blocked because of security issues in Webkit-browser. BUT (!) this security issues were connected with browser, not with widgets that are standalone applications and of course must have possibility to change any header.

    So those who have problems with Authorization header should know, that in Nokia browser BLOCKS this header and don't send it. So if you want to use it you should use proxy e.g. sending X-Authorization header and changing it to Authorization at proxy-server. But this is incredible situation, I agree. I'm now trying to create Twitter app and spending vast time to support proxy.

    Another thing, as I understood, that last versions of Webkit (not that in Nokia) supports special field withCredentials for XHR object. This should enable authorization fields.

    So my opinion is Nokia must unblock Authorization header (I even can't create twitter app without problems!) and other things that were created to restrict browser issues (not widgets). Or WRT never will be development enviroment of full value.
    Last edited by vivacity; 2010-08-10 at 11:05.

  8. #8
    Registered User
    Join Date
    Feb 2004
    Posts
    24

    Re: Serious issue with basic authentication via ajax, seems to be a bug!

    Hi all,
    I'm struggling with oauth / http_cookie as well. Its really annoying as my code works perfectly on phoneGap with Andoid and iPhone but using WRT I simply can't get http_cookie hence cannot start a proper php session.
    Any elegant solution (other than running a proxy server) ?

    Thanks
    Rafi

  9. #9
    Registered User
    Join Date
    Apr 2009
    Posts
    3

    Re: Serious issue with basic authentication via ajax, seems to be a bug!

    Hi, I seem to have the same problem with the missing headers for authentication .
    Do you know if this issue is solved with the newer devices or newer browsers?

  10. #10
    Registered User
    Join Date
    Jun 2010
    Posts
    13

    Re: Serious issue with basic authentication via ajax, seems to be a bug!

    They didn't update even webkit in new firmwares. The problem is still the same. I thinks we should wait for QtWRT with more modern browser

Similar Threads

  1. 6630 v 4.03.18 SERIOUS BUG???
    By pitstreet in forum Mobile Java Networking & Messaging & Security
    Replies: 12
    Last Post: 2005-11-15, 09:33
  2. serious bug in 6680
    By parf in forum Mobile Java General
    Replies: 9
    Last Post: 2005-11-08, 01:41
  3. 6630 v 4.03.18 SERIOUS BUG???
    By pitstreet in forum Mobile Java General
    Replies: 2
    Last Post: 2005-07-14, 13:22
  4. Serious BUG in Nokia phones!!!
    By bartekn in forum Mobile Java Media (Graphics & Sounds)
    Replies: 10
    Last Post: 2004-03-28, 22:09

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
×