Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
kunashe19688yI think its possible if you proxy the href to point to an intermediate script on the server.
The proxy script can then inject the auth header and pass the request onto the PDF endpoint. -
@kunashe I thought of that too...but how would the proxy know who you are? Especially if we are sessionless like REST constraints call for?
-
kunashe19688y@deusprogrammer is it not possible to send the data you planned to put in the xhr as parameters in the uri to the proxy?
-
Canilho3158yyes it is possible.
you can "build" your PDF file in the client, from the Rest response, therefore you don't have any cross origin issues or something alike.
Can someone help me settle an argument with a coworker?
So let's say there is a REST interface that returns a PDF representation of an resource...but it requires the authorization header in order to authorize that you have access to the document in question.
And let's say there is a link on the page that redirects to this endpoint to serve up the document. He thinks you can add a header to the HTTP request that goes out when you click on the link (a regular old anchor tag) with onclick without making an xhr call.
I told him that you would have to use an xhr call to add headers, and that even then you would receive a byte stream back, which without using a blob and an object url or a data uri you wouldn't be able to display it in a new tab or start a download.
Regardless he went on to tell me I was wrong. The next day he said he had done it. I asked him to show me, and he said "oh it's at home", and then proceeded to ridicule me in front of my architect. He always pulls this one up's man ship bullshit and I hate it. And I am pretty sure he's wrong.
undefined