HTTP Digest Authentication + CORS


If you are asking a question, please follow this template:

  1. My goal is:
  • To call RPC commands behind HTTP Digest Authentication from a web app using XMLHttpRequest
  1. My actions are:
  1. The result I see is:
  • HTTP Digest unauthenticated response returns 401, but does not include the Cross Origin headers in the response, so the browser blocks the response.
  1. My expectation & question is:
  • How can I get the HTTP Digest unauthenticated nonce response to also return Cross Origin headers?

I’m keen to know if there was an answer :slight_smile: