Hey, so I have an API that I call in a browser application. The specified API runs on a server that requires a whitelist and HTTP Digest authentication.
To satisfy the whitelisting requirement, I run all API calls through a proxy server, which is white. Calls come from an iFrame, currently populated by a file index.html.
I need to know how I can authenticate through HTTP Digest in the background. Most of the resources that I can find on the Internet seem to include setting the original HTTP digest authentication, but what I'm looking for is to automate login.
Despite the unclassified subject matter, it is somehow important that I keep the digest parameters confused from users. Perhaps I could change the file being served to index.php, and then somehow adjust the headers of the magic? Even then, if calls made through XHR, will index.php headers authenticate a single request?
In general, I was just lost, and the API developers are not very responsive, so I thought that I would go here.
source
share