> I think flash player is trying to be consistent by disallowing such headers.
Yep, majority of the time flash player will strip any custom headers you set. However, in the case of a POST request with data in the body, you can supply your own custom headers. I did notice in your screen capture that the body of the request was empty. In that case, indeed the headers will then be stripped out by the flash player. Have you tried to also set the contentType to be application/x-www-form-encoded-values? That will ultimately affect how the message body gets built out. You can trace down into the SDK to see where that happens. Can't remember right off hand right now. I'll check later on when I get into the office for that and the right contentType string value. I think I got it right though. Chris Sent from Windows Mail From: OmPrakash Muppirala Sent: Thursday, March 26, 2015 1:56 AM To: users@flex.apache.org On Mar 25, 2015 10:16 PM, "Deepak MS" <megharajdee...@gmail.com> wrote: > > Sorry, was away for sometime. > > I ran it through network monitor in FB. > Screenshot: http://pasteboard.co/25kUwXgR.png > > Looks like header is not passed at all. > > Code: > var req:URLRequest = new URLRequest(pathRemote); > req.method = URLRequestMethod.POST; > req.data = new URLVariables("name=John+Doe"); > > var encoder:Base64Encoder = new Base64Encoder(); > encoder.insertNewLines = true; > encoder.encode("myusername:mypassword"); > > > var credsHeader:URLRequestHeader = new > URLRequestHeader("Authorization", "Basic " + encoder.toString()); > req.requestHeaders.push(credsHeader); > remoteURLStreamer.load(req); > > > I looked at the doc: > http://help.adobe.com/en_US/FlashPlatform/reference/actionscript/3/flash/net/URLRequestHeader.html > > It says: > "In Flash Player and in Adobe AIR content outside of the application > security sandbox, the following request headers cannot be used > Accept-Charset, Accept-Encoding, Accept-Ranges, Age, Allow, Allowed, > Authorization, Charge-To, Connect, Connection, Content-Length, > Content-Location, Content-Range, Cookie, Date, Delete, ETag, Expect, Get, > Head, Host, If-Modified-Since, Keep-Alive, Last-Modified, Location, > Max-Forwards, Options, Origin, Post, Proxy-Authenticate, Proxy-Authorization, > Proxy-Connection, Public, Put, Range, Referer, Request-Range, Retry-After, > Server, TE, Trace, Trailer, Transfer-Encoding, Upgrade, URI, User-Agent, > Vary, Via, Warning, WWW-Authenticate, x-flash-version." > > Why does header request cannot have 'Authorization' object? So how else can > we pass the header request? > The http requests go through the browser. Different browsers have different rules about how the headers are handled. I think flash player is trying to be consistent by disallowing such headers. One approach you could take is use the as3httpclent library, which allows you to more reliably pass the http headers you want to send, an authorization header in your case. Thanks, Om > On Thu, Mar 26, 2015 at 10:04 AM, Chris Martin <chrsm...@outlook.com> wrote: > > > Yeah, a network packet log would be a huge help. Then you can rule out > > whether or not the Authorization header is present in your request or not. > > I use fiddler[1] all the time. Also it makes it easy to detect if > > something else went wrong at the server side like your authentication > > request failed with a 403 Forbidden response. > > > > > > > > > > > > > > [1] http://www.telerik.com/fiddler > > > > > > Chris > > > > > > Sent from Windows Mail > > > > > > > > > > > > From: Tom Chiverton > > Sent: Tuesday, March 24, 2015 2:24 AM > > To: users@flex.apache.org > > > > > > > > > > > > Do you have a network packet log ? > > > > Tom > > > > On 24/03/15 04:25, Deepak MS wrote: > > > Any help on this please? I still haven't found any solution for this. I > > > keep getting username\password prompt on the simulator. ;( > > > > > > On Mon, Mar 16, 2015 at 7:30 PM, Deepak MS <megharajdee...@gmail.com> > > wrote: > > > > > >> Hello, > > >> I'm trying to download a file from the server which requires basic > > >> authentication(need to enter user name and password to access). > > >> > > >> I came across these links: > > >> > > >> > > http://stackoverflow.com/questions/509219/flex-3-how-to-support-http-authentication-urlrequest > > >> > > >> > > http://johncblandii.com/2011/07/flex-quick-tip-urlrequest-basic-auth.html > > >> > > >> http://blog.derraab.com/2010/02/25/urlrequest-with-http-authentication/ > > >> > > >> Tried all of it. I either get IO error or I get windows authentication > > >> popup window when I run the mobile app on my desktop. > > >> > > >> None of it seem to work. I'm using Flex4.14\AIR16. > > >> > > >> Screenshot: > > >> http://pbrd.co/18wmsZK > > >> > > >> > > >> Code that I have been trying: > > >> > > >> <?xml version="1.0" encoding="utf-8"?> > > >> <s:View xmlns:fx="http://ns.adobe.com/mxml/2009"; > > >> xmlns:s="library://ns.adobe.com/flex/spark" title="Contact" > > > >> <s:layout> > > >> <s:VerticalLayout/> > > >> </s:layout> > > >> <fx:Script> > > >> <![CDATA[ > > >> import mx.events.FlexEvent; > > >> import mx.utils.Base64Encoder; > > >> > > >> private var remoteURLStreamer:URLStream= new URLStream(); > > >> > > >> private var pathRemote:String = ' > > >> http://myserver.com/datafiles/myfile.zip'; > > >> > > >> private function startRemoteFileDownload():void > > >> { > > >> URLRequestDefaults.setLoginCredentialsForHost(' > > >> www.myserver.com','myusername','mypassword'); // not working > > >> > > remoteURLStreamer.addEventListener(ProgressEvent.PROGRESS, > > >> remoteURLStreamerProgressHandler); > > >> > > remoteURLStreamer.addEventListener(IOErrorEvent.IO_ERROR, > > >> remoteURLStreamerIOErrorHandler); > > >> > > >> remoteURLStreamer.addEventListener(SecurityErrorEvent.SECURITY_ERROR, > > >> remoteURLStreamerSecurityErrorHandler); > > >> > > >> var req:URLRequest = new URLRequest(pathRemote); > > >> > > >> req.method = URLRequestMethod.POST; > > >> > > >> req.data = new URLVariables("name=John+Doe"); //(one > > post > > >> suggests to pass dummy parameters to data) not working > > >> > > >> var encoder:Base64Encoder = new Base64Encoder(); > > >> encoder.insertNewLines = true; > > >> encoder.encode("myusername:mypassword"); > > >> > > >> > > >> var credsHeader:URLRequestHeader = new > > >> URLRequestHeader("Authorization", "Basic " + encoder.toString()); //not > > >> working > > >> req.requestHeaders.push(credsHeader); > > >> remoteURLStreamer.load(req); > > >> > > >> } > > >> > > >> private function > > >> remoteURLStreamerProgressHandler(event:ProgressEvent):void > > >> { > > >> > > >> switch (event.type) > > >> { > > >> case "progress": > > >> lb.text = event.bytesLoaded.toString(); > > >> break; > > >> } > > >> } > > >> > > >> > > >> > > >> private function > > >> remoteURLStreamerIOErrorHandler(event:IOErrorEvent):void > > >> { > > >> lb.text = 'IOError'; > > >> } > > >> > > >> private function > > >> remoteURLStreamerSecurityErrorHandler(event:SecurityErrorEvent):void > > >> { > > >> lb.text = 'SecurityError'; > > >> } > > >> > > >> > > >> protected function > > button1_clickHandler(event:MouseEvent):void > > >> { > > >> startRemoteFileDownload(); > > >> } > > >> > > >> ]]> > > >> </fx:Script> > > >> > > >> <s:Button label="hello" click="button1_clickHandler(event)"/> > > >> <s:Label id="lb" text="Hello"/> > > >> </s:View> > > >> > > >> > > >> > > >> Can you kindly let me know if there is something going wrong here? Or is > > >> there any other way to make it work? > > >> > > >> > > > > > > ______________________________________________________________________ > > > This email has been scanned by the Symantec Email Security.cloud service. > > > For more information please visit http://www.symanteccloud.com > > > ______________________________________________________________________ > >
