Hey guys, how are you?
I have a problem creating a project. The main idea is to use an iframe from the dashboard UI, but I need it to be secure and one of the methods I used was nodered's native httpAuth.
My problem is that I can't get past the login using the iframe. The only way I was able to use the iframe while still having httpAuth was by doing the auth like: user:password@host but i received a chrome error below:
test.html:1 Subresource requests whose URLs contain embedded credentials (e.g. https://user:pass@host/
) are blocked. See Chrome Platform Status for more details.
I tried logging in using other methods, such as getting the nodered token and using it as a bearer in a request, but it didn't work.
The only thing I managed to do was make the iframe in the development part of nodered, as the api suggests (Admin API Methods : Node-RED) as you can see in the code below :
function fetchProtectedResource(authToken) {
const url = 'http://user:password@host';
const iframeSrc = url + '?access_token=' + authToken
console.log(iframeSrc)
const iframe = document.createElement('iframe');
iframe.src = iframeSrc;
iframe.width = "800";
iframe.height = "600";
document.body.appendChild(iframe);
}
as a result:
I tried passing the request as basic auth in the header, but it didn't work either.
Does anyone know a solution to this problem?