how to add authentication header to $window.open
I think you can add this authentication parameters in URL and do a GET in your server side
//Add authentication headers as params
var params = {
access_token: 'An access_token',
other_header: 'other_header'
};
//Add authentication headers in URL
var url = [url_generating_pdf, $.param(params)].join('?');
//Open window
window.open(url);
I think I should update this old question with a correct and secure answer.
You can not add any headers in the HTTP GET request performed by window.open.
The secure way to make an authenticated request is to set the authentication token into a request header, and avoid exposing it into the URL, as my previous answer suggested (I have learned a some things since then).
To download a PDF (or any other binary data) from an authenticated server with AngularJS you should:
- Make an HTTP GET request to the resource sending the authentication token in a header, setting its responseType to a binary data type, for example blob or arraybuffer.
- Download the binary data in a file using the "Save As" dialog from the browser, usually creating a download link for the binary data and clicking it.
I hope this answer to clear doubts on this question and provides a secure way to download a resource from an authenticated REST API.