Originally we sent the authentication in the URL as
http://root:[email protected]/mjpg/video.mjpg?resolution=1024x768&compression=70
and that worked fine. As long as the password wasn't using special characters, this worked. But bad practice and Chrome forced me to do it differently.
The Wireshark header for this request:
GET /mjpg/video.mjpg?resolution=1024x768&compression=70 HTTP/1.1
Host: 172.19.50.30
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0
Accept: */*
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://172.19.50.30/local/ipsloitering/index.html?&language=en-US
Connection: keep-alive
Authorization: Digest username="root", realm="AXIS_00408CC561BC", nonce="7kRiObt8BQA=b937e181325fd66b88f1179eb1f5efe649c49e66", uri="/mjpg/video.mjpg?resolution=1024x768&compression=70", algorithm=MD5, response="5f31e9a6fe08992737bacd47bf4131a5", qop=auth, nc=00000001, cnonce="33c8306da3831b3a"
To allow for other characters, and use chrome, I used following JS Code:
fetch(url,
{
method:'GET',
headers: {
'Authorization': 'Basic ' + btoa("root:root")
},
}
)
and the response is
GET /mjpg/video.mjpg?resolution=1920x1080&compression=70 HTTP/1.1
Host: 172.19.50.30
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0
Accept: */*
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://172.19.50.30/local/ipsloitering/index.html?&language=en-US
authorization: Basic cm9vdDpyb290
origin: http://172.19.50.30
Connection: keep-alive
HTTP/1.1 401 Unauthorized
Date: Tue, 11 Dec 2018 08:54:07 GMT
Server: Apache/2.4.27 (Unix) OpenSSL/1.0.2k
WWW-Authenticate: Digest realm="AXIS_00408CC561BC", nonce="LqVkObt8BQA=f5ede433bcdc7b2d1a7b12c0763156e9d45b8972", algorithm=MD5, qop="auth"
Content-Length: 381
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
How do I get the fetch() to use Digest, or what is causing this?