Context
XHR requests with Authorization header over HTTPS (both together) don\'t reach the server, using Safari (IOS and MacOS). But it works with IE, C
I also faced a similar problem with safari where 'Authorization' in the header was not sent in the GET request but it ended up in a simple thing.
I simply appended a '/' at the end of the request URL and it worked for me.
for eg: change URL from '/token' to '/token/'.
In my case, using Laravel, it was just the slash removed by .htaccess. When there is an redirect, by obvious reasons, the headers not are forwarded.
When an HTTP request made via safari is made to any url contains words like login
, token
, etc... safari automatically adds Accept-Encoding
header that brokes al
To solve that you need access to the device that are running the code and change a safari setting that prevent cross-site tracking, this works fine for me.