New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] APIRequestContext not honoring httpCredentials option #16005
Comments
This may also be the cause of the issue mentioned in https://stackoverflow.com/questions/73069593/playwright-basic-authentication-for-api-test. |
Relates #14067 |
Which response status does your backend return? Since not returning 401 when basic auth is used, means also that the browser would not show the basic auth dialog. Thats a workaround in the meantime, to send the header just always: const username = 'John';
const password = 'Doe';
const options = {
headers: {
'Authorization': `Basic ${Buffer.from(`${username}:${password}`).toString('base64')}`
},
};
request.get('http://localhost:8800/manual-header', {headers}); |
The backend returns 401 if no authorization header was included, 403 if an authorization header was included but has incorrect credentials (wrong password, or right password but that user isn't allowed to access that resource), and 200 if the auth header was included and was valid (right password and that user is allowed to access that resource). |
That works fine for basic auth, but looks like there is no way to make Digest auth work |
I can load my pages (which require digest authorization) but even if I reuse the context when using POST or GET the requests fail. This is a blocker for us, unfortunately. |
Why was this issue closed?Thank you for your contribution to our project. This issue has been closed due to its limited upvotes and recent activity, and insufficient feedback for us to effectively act upon. Our priority is to focus on bugs that reflect higher user engagement and have actionable feedback, to ensure our bug database stays manageable. Should you feel this closure was in error, please create a new issue and reference this one. We're open to revisiting it given increased support or additional clarity. Your understanding and cooperation are greatly appreciated. |
I've tested it, and Playwright is sending the |
Related to #13772; I believe this is the same issue, and that the repro in this issue will solve #13772 as well. When a new browser context is created with the
httpCredentials
option,context.request.get
(andpost
and the other methods too, though this repro only demonstratesget
) is not sending anAuthorization
header. ThehttpCredentials
option appears to be ignored; if you want to use HTTP basic auth with an APIRequestContext, you have to create theAuthorization
header yourself.Context:
Code Snippet
First, clone https://github.com/heymagurany/http-echo-service and inspect it to see that it's not going to do anything nefarious, then run it in one terminal window/tab with
node service.js 8800
. Then create and run the following Playwright test in another terminal:Look at the first terminal and the resulting output from the HTTP echo server. When I ran it, I got the following:
Describe the bug
As you can see from the HTTP echo server's output, the request being sent out isn't adding an
authorization: Basic
header even though the context was created with thehttpCredentials
option. I believe from my look through the Playwright code that that option is being honored in actual browsers, but it's completely ignored in APIRequestContext methods. When I create the Authorization header myself (the second request), then it works and the request gets sent out with the HTTP basic auth header that I intended.The text was updated successfully, but these errors were encountered: