0

After $http request in angularJS, I could see any header sent with response in safari "Web Inspector" (OS: Windows 8). But same when I try to access like headers('Authorization') in angularJS, it returns null.

Tried by setting custom headers also, but when I access, I get null value. Our application login happens by validating the authorization header. Since it is returning null in Safari browser, not able to login only :(.

Anyone has come across this Safari browser issue and got solution? Please help..

Madhura KM
  • 140
  • 1
  • 10
  • Your question is confusing - `Authorization` is a request header - you won't be able to see it on a response. – Starscream1984 Sep 08 '15 at 09:24
  • Application sends a 'bearer token' in 'Authorization' header with login response. and any further request made to server will have this 'Authorization' header to authenticate in server. – Madhura KM Sep 08 '15 at 09:30
  • 1
    What happens if you try to send the `bearer token` value in the response body from your server instead? It doesn't have to be in the header. You can then include it in the Authorize header for all subsequent requests. – Starscream1984 Sep 08 '15 at 09:45
  • 'bearer token' in response body is working out. I could read it and send same in subsequent 'Authorization' request headers. Is it not an issue to send 'bearer token' in response body, as a security concern? – Madhura KM Sep 08 '15 at 11:29
  • 1
    Token value is just as readable by 3rd party interception in a header as it is in the body - use SSL to encrypt everything – Starscream1984 Sep 08 '15 at 11:33

0 Answers0