Your documentation → describes how to add a site with HTTP Basic authentication enabled. However, the current version of the Dashboard does not allow you to save a core without successful connection and the AJAX connection checker does not pick up Authorization header even if it is provided before I try to fill the URL of the core.
- Create any Drupal instance and protect it with HTTP Basic authentication (either with .htaccess or with the
Shield →
module).
- Click on Add Core action on the dashboard
- Fill Authorization header as the documentation says
- Fill the URL of the Drupal instance
The core can successfully connected and the Authentication Secret form block and the Save button shows up
AJAX connection checker says Can not connect to this domain.
No log event issued. No exceptions logged.
I can add a site while I remove HTTP Basic authentication and put it back on when DRD Authorization succeeds because as I see, jobs and Drush tasks pick up the headers correctly. But Authorization header (this provides the HTTP Basic / Digest authentication) would be important to picked up during the AJAX check, or alternatively, provide an option to enable saving "faulty" cores that can be re-triggered later.
Needs work
4.0
User interface
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
In the 'Add core' form you have the ability to select a Host, which in turn can have the Authorization headers already set.
If the AJAX post also gets the Host field value send to the backend, the URL checker might be able to utilize that input.
@aoturoa that's correct. However, we should not assume that each core on a host has the same credentials. It should be working with its individual credentials, if present.