开发者

Prompting for authorization when accessing protected external resources in Chrome

开发者 https://www.devze.com 2023-04-07 15:16 出处:网络
I\'d like to embed external, NTLM authorization protected resources (pictures) from another domain (say, secret.com) in my web page (say, mypage.com). The mypage.com server has no access to those reso

I'd like to embed external, NTLM authorization protected resources (pictures) from another domain (say, secret.com) in my web page (say, mypage.com). The mypage.com server has no access to those resources开发者_开发问答, but the end user does. Also, the end user may or may not have active session with secret.com

If I place <img src='secret.com/1.jpg' /> tag in my page, users with already initialized sessions with secret.com can see the picture, logged out users on IE get automatically authorized, Firefox users get prompted for their credentials, but Chrome just dumps a warning "Resource interpreted as Image but transferred with MIME type text/html." and an error "Failed to load resource: the server responded with a status of 401 (Unauthorized)" in console and displays the default missing picture icon.

However, when accessing secret.com/1.jpg directly, Chrome properly prompts for authorization.

Are there any meta tags/JS tricks/something else that can be used to make Chrome ask for the credentials?

0

精彩评论

暂无评论...
验证码 换一张
取 消