Adding http headers to window.location.href in Angular app

by

When you use $window.location.href the browser is making the HTTP request and not your JavaScript code. Therefore, you cannot add a custom header like Authorization with your token value.

You could add a cookie via JavaScript and put your auth token there. The cookies will automatically be sent from the browser. However, you will want to review the security implications of using a cookie vs. a header. Since both are accessible via JavaScript, there is no additional attack vector there. Unless you remove the cookie after the new page loads, there may be a CSRF exploit available.

More Related Contents:

  1. Send multipart/form-data files with angular using $http
  2. Download text/csv content as files from server in Angular
  3. Send FormData with other field in AngularJS
  4. ionic app cannot connect cors enabled server with $http
  5. $http Auth Headers in AngularJS
  6. What’s the difference between Cache-Control: max-age=0 and no-cache?
  7. How to reload the current state?
  8. AngularJS access scope from outside js function
  9. Adding parameter to ng-click function inside ng-repeat doesn’t seem to work
  10. Can an AngularJS controller inherit from another controller in the same module?
  11. Is there a difference between promise.then.then vs promise.then; promise.then [duplicate]
  12. Why is Cache-Control attribute sent in request header (client to server)?
  13. Testing AngularJS with Selenium
  14. AngularJS : Custom filters and ng-repeat
  15. Standard for adding multiple values of a single HTTP Header to a request or response
  16. Setting HTTP headers
  17. Getting MathJax to update after changes to AngularJS model
  18. What advantage is there in using the $timeout in AngularJS instead of window.setTimeout?
  19. Refreshing page gives “Page not found”
  20. Angular directive name: only lower case letters allowed?
  21. Using the same controller on different elements to refer to the same object
  22. AngularJS – Binding radio buttons to models with boolean values
  23. Angular-ui-router: ui-sref-active and nested states
  24. Filtering an Angular 1.2 ng-repeat with “track by” by a boolean property
  25. AngularJS withCredentials
  26. Angular sanitize / ng-bind-html not working?
  27. Using expression `(“&”)` binding to pass data from AngularJS component to parent scope
  28. AngularJS Dynamic loading a controller
  29. Force HTTP interceptor in dynamic ngSrc request
  30. npm install -g karma error MSB4019: The imported project “C:\Microsoft.Cpp.Default.props” was not found

Leave a Comment