0

On site1.domain.com I am running a greasemonkey script that takes in user credentials to authenticate to site2.domain.com and pull the entire page and parse out a server generated token that is needed to complete the rest of the script running on site1.domain.com and then make another URL GET to site2.domain.com. 

xmlhttp.open("GET", url, false, username, password );

is the call I'm attempting but I'm receiving the error "NS_ERROR_DOM_BAD_URI: Access to restricted URI denied". I looked around and I understand that there are complications with this type of functionality but I haven't figured out what I need to do in this situation.

EDIT: Tried this using verisons of the code below but receiving Cross-domain error for any datatype other than jsonp but with jsonp I recieve "htmlString is undefined". I also tried defining the return value as a String and in that case I received "6" (without any manipulation).

var htmlString = getPage(url,username, password);
var index = htmlString.indexOf("Token");
//some other code that parses out just the token, shown as "finalString" in the end
$("#logMessage").text (finalString);

function getPage(url, username, password) {
return $.ajax({
    type: "GET",
    url: url,
    dataType: 'jsonp',
    async: false,
    beforeSend: function (xhr){ 
       xhr.setRequestHeader('Authorization', btoa(username + ":" + password)); 
   }
}).responseText;
}
user2680142
  • 59
  • 1
  • 10
  • Check out http://stackoverflow.com/questions/5507234/how-to-use-basic-auth-and-jquery-and-ajax – Charlie Schliesser Jul 02 '14 at 18:17
  • Provided an edit to address issues I've had with the suggested link. – user2680142 Jul 02 '14 at 21:25
  • You can't POST to a non-CORS supported domain. I think that will be the underlying issue. – Charlie Schliesser Jul 02 '14 at 23:52
  • I'm confused on how this is a POST. I'm trying to pull a copy of a site that uses basic authentication. Is this impossible? Would using an iframe be the correct way to go about this? – user2680142 Jul 03 '14 at 16:44
  • Well, perhaps you can do this via GET by sending the correct header, but I still am not sure whether or not you can do this cross domain: `"Authorization: Basic " + base64_encode(username + ':' + password)`. – Charlie Schliesser Jul 03 '14 at 17:13
  • Thanks for the help. I still haven't figured this out but I'll post more if I get this working. This is my first attempt at a greasemonkey script. Seems odd that simply copying page contents is this difficult! – user2680142 Jul 03 '14 at 17:29

0 Answers0