Login popup is shown when using digest auth despite creating client with proper user data

[Freir96]

I changed the digest option in my client to true, but instead of using the proper login and password I am asked to log in by a popup window showing up when I make any request using WebDAV. After using the same username and password as when I create the client it works fine, but can I disable this popup somehow?

[perry-mitchell]

@Freir96 There's most likely something wrong with the authentication being made.. Any chance you can record the headers when making this request? It'd be important to see what's being sent by the client and what's being received. Just make sure to strip/obfuscate any auth hashes or passwords.

[Freir96]

@perry-mitchell Those are the headers after I refused to fill in the login data on the popup window. Request:

Accept: text/plain
Accept-Encoding: gzip, deflate, br
Accept-Language: pl-PL,pl;q=0.9
Connection: keep-alive
Depth: 1
Host: localhost:4200
Origin: http://localhost:4200
Referer: http://localhost:4200/auth/login
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

Response:

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: DAV, content-length, Allow
allow: OPTIONS,MKCOL,LOCK,POST,PUT
connection: close
content-length: 0
date: Fri, 15 Jan 2021 11:43:39 GMT
dav: 1,2
ms-author-via: DAV
server: webdav-server/2.6.2
www-authenticate: Digest realm="Default realm", qop="auth", nonce="", opaque=""
X-Powered-By: Express

I should probably also mention that I am using proxy to avoid the cors error.

[perry-mitchell]

If you're still working around this error, can you please include your code for review? Obviously after having removed any credentials (please leave the structure the same, however).

[Freir96]

We are currently making some changes in the back-end, that could solve our problem. I will inform you once I learn anything new.