RadzenUpload doesn't send cookies

adrianj · January 6, 2024, 12:36pm

When using a cookie authenticated API scheme with the API on a different domain, RadzenUpload is ineffective because it doesn't post the cookie. Cookie header cannot be added by RadzenUploadUpload headers because, I guess, the browser is stripping it as "withCredentials" is false.

Could we add "xhr.withCredentials = true;" after line 617 so that it does? Or even make it a "WithCredentials" option on the component?

github.com

radzenhq/radzen-blazor/blob/1a26487df338abfa8585b92f4acbc043735f8936/Radzen.Blazor/wwwroot/Radzen.Blazor.js#L617


      
              uploadComponent.files = Array.from(fileInput.files);
          }
          var data = new FormData();
          var files = [];
          var cancelled = false;
          for (var i = 0; i < uploadComponent.files.length; i++) {
            var file = uploadComponent.files[i];
            data.append(parameterName || (multiple ? 'files' : 'file'), file, file.name);
            files.push({Name: file.name, Size: file.size});
          }
          var xhr = new XMLHttpRequest();
          xhr.upload.onprogress = function (e) {
            if (e.lengthComputable) {
              var uploadComponent =
                Radzen.uploadComponents && Radzen.uploadComponents[fileInput.id];
              if (uploadComponent) {
                var progress = parseInt((e.loaded / e.total) * 100);
                uploadComponent.invokeMethodAsync(
                  'RadzenUpload.OnProgress',
                  progress,
                  e.loaded,

korchev · January 6, 2024, 5:46pm

Hi @adrianj,

You can open a pull request with the suggested changes. We will gladly accept it. I think we can do xhr.withCredentials = true by default (without a new parameter).

material · April 19, 2024, 9:58am

Hi @korchev ，
I think it can be with a new parameter , that will make it better , and avoiding unnecessary errors, api development shouldn't be too complicated