handling 302 redirect with $xhr

[Thomas]

Is it possible to catch a redirect response when using $xhr?

It does not pass $xhr.error, unlike 4xx. I need to handle the 302 vs.
having it followed automagically.

Thanks,
Thomas

[Thomas]

Looks like the 302 will always be handled by the browser and cannot be
intercepted. I had to resolve this by pattern matching the resulting
response. Not pretty but it works.

[Igor Minar]

Yes, XMLHttpRequest object (according to the standard) must automatically handle redirection without giving the client code a chance to do anything about it.

There are some attempts to change this, but afaik nothing has been implemented by browsers yet.

/i

--
You received this message because you are subscribed to the Google Groups "angular" group.
To post to this group, send email to ang...@googlegroups.com.
To unsubscribe from this group, send email to angular+u...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/angular?hl=en.

[Vojta Jina]

Yes, browser doesn't allow you to handle 302 on your own.

You can use different 2xx status code for redirect and do the redirect by your JS code...

V.

[Michael Hunziker]

Hi all!

We're having a similar issue with http status code 302. We're building an AngularJS App. Authentication is done by a third party proxy who will return http status 302 and redirect to login when the user is not logged in... Unfortunately we cannot change this behaviour as other applications behind the proxy rely on this redirect. Do you have any idea how we could solve this?

As far as I understand there's no way I can handle status 302 in an AngularJS application (https://groups.google.com/forum/#!topic/angular/GKkdipdMbdo), am I right?

A solution offered by the proxy development team was, that they could offer a special servlet that will tell us wether we're logged in or not (and return e.g. status 401). So we would have to make this servlet call before EVERY other rest call from our AngularJS application...

What do you think about this?

Cheers
Michael

[Sander Elias]

Hi Michael,

You can't handle status 302 with javascript! Even angularJS can change anything about that.
However, I guess there is a moment in your app that sends off the user to the authentication server? Before sending them of, store the current user status in localStorage. When the redirect comes back, and your page gets reloaded, you can pick up this status out of localStorage, and set the user on her/his merry way!

Regards

Sander

[Michael Hunziker]

Hi Sander!

Only the proxy knows whether the user is still logged in or not. So as soon as he tries to do a REST call out of the application, and for some reason he is not logged in anymore (maybe he logged out in another browser tab), the proxy would return a 302 redirect... This is where i'm stuck :-(

Michael

[Sander Elias]

Hi Michael,

That makes it only a bit more work. On every ajax call, save your state, when the 302 is resolved, reload the state, and resume with your job. It's a bit of a PITA, but it can be done.

Regards

Sander

[Michael Hunziker]

Hi Sander!

But how can I "resolve" a 302? All I get back after the AJAX call is a response with status code 0...

Here's again what happens exactly:

1. User logs in to our app via SSO proxy.

2. User logs out in another application via SSO proxy, but our app is still open in another browser window.

3. User comes back to our app and clicks a button which will do a REST call.

4. Call arrives at proxy. Proxy immediately returns a 302 redirect to the login-page since the user is not logged in anymore.

5. The response back in the browser looks like this:

Console Error:

XMLHttpRequest cannot load '.../ABC/LOGIN'. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin '.../XYZ' is therefore not allowed access. 

The response object in AngularJS looks like this:

Object {data: "", status: 0, headers: function, config: Object}

What I would expect is status code 302 and even the redirect location, so that I could handle the redirect to the login-page in Angular myself... 

Do you see my problem?

Michael

 

--
You received this message because you are subscribed to a topic in the Google Groups "AngularJS" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/angular/GKkdipdMbdo/unsubscribe.
To unsubscribe from this group and all its topics, send an email to angular+u...@googlegroups.com.

To post to this group, send email to ang...@googlegroups.com.

Visit this group at http://groups.google.com/group/angular.
For more options, visit https://groups.google.com/groups/opt_out.

[Michael Hunziker]

What I could do is implement an httpInterceptor which will handle response errors with status code 0. As soon as I get such a response I could trigger a $window.location.reload. This would again trigger the proxy and he would redirect us to the login page.

[Sander Elias]

Hi Michael,

The response object in AngularJS looks like this:

Object {data: "", status: 0, headers: function, config: Object}

What I would expect is status code 302 and even the redirect location, so that I could handle the redirect to the login-page in Angular myself... 

Well, I was assuming you got redirected by the browser. This is way easier to manage! You gave already the solution too!

 

On Wednesday, January 29, 2014 3:28:50 PM UTC+1, Michael Hunziker wrote:

What I could do is implement an httpInterceptor which will handle response errors with status code 0. As soon as I get such a response I could trigger a $window.location.reload. This would again trigger the proxy and he would redirect us to the login page.

Be warned that in the new versions 1.2.9+ you will get an 404 instead of a 0, and yo should also check for the string 'not allowed access' inside your status. Just to make sure you don't direct to the login page on anything then the login failure.

Regards

Sander

 

[Sander Elias]

On Wednesday, January 29, 2014 3:28:50 PM UTC+1, Michael Hunziker wrote:

[Michael Hunziker]

Hi Sander!

Perfect!!! Thank you very much for your help!! I just upgraded to Angular 1.2.9 and i finally get a useful response status code.

Best regards

Michael

[Joseph Lewkovich]

Hello Michael,

I know it has been a while but my team is having trouble with the exact same situation, and I'm wondering if you could share your solution.. We get status=-1, with data=null and blank header data...we need to be able to detect a 302 and redirect to whatever is in the "Location" header (I know the header is present because it shows up in the browser, but not angular app)

Refreshing the $window after a dead status didn't work for us...how can we do this?