Home/ Questions/Q 6125781
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T16:17:15+00:00

I am working on a chrome extension that works with the Basecamp API. I

  • 0

I am working on a chrome extension that works with the Basecamp API.

I have a background page doing all my XMLHttpRequests to the API. I’m not using OAuth, but the basic HTTP Authorization with the API Token.

In my background page, I will do requests like this:

var xmlReq = new XMLHttpRequest();
xmlReq.onreadystatechange = function(){ doSomething(xmlReq.responseXML); };

xmlReq.open(
  'GET', 
  'https://mycompany.basecamphq.com/projects.xml',
   true, 
   access_token, 
   'x'
);

xmlReq.send(null);

That all works fine, but the problem is after I use the extension to make a request, the HTTP Request header Authorization is being sent whenever I browse to https://mycompany.basecamphq.com, which make certain things not work on Basecamp’s web interface. How can I make a request in my extension with basic HTTP Authorization but not have the header in my regular browser requests?

Yeah, confusing question. I’ll try to clarify it if you have questions. Thanks

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I believe I have figured out a solution.

    By using the xmlhttpresponse.setRequestHeader() function, if I manually set the authorization header, it doesnt stay persistent.

    So using this modified version of the above code:

    xmlReq.open(
  'GET', 
  'https://mycompany.basecamphq.com/projects.xml',
   true);

xmlReq.setRequestHeader("Authorization", "Basic "+base64_encode(access_token+":x"));

xmlReq.send(null);

    I used the base64_encode function found in the phpjs.org library.

    • 0