cy.intercept to set Authorization header doesn't seem to work with POST

[dgrant]

I'm using cy.intercept to set Authorization header on my requests.

    cy.intercept('GET', /https:\/\/[a-z\-]*\.myurl\.com.*/, (req) => {
      req.headers['Authorization'] = `Bearer ${window.localStorage.getItem('IAP_JWT')}`
    }).as('intercept for GET')

    cy.intercept('POST', /https:\/\/[a-z\-]*\.myurl\.com.*/, (req) => {
      req.headers['Authorization'] = `Bearer ${window.localStorage.getItem('IAP_JWT')}`
    }).as('intercept for POST')

The GET works fine but for some reason the POST does not. Cypress is intercepting it properly, but the Authorization header does not seem to be getting set in the POST case.

As you can see in the screenshot, the POST intercept is getting used but the Authorization does not seem to be getting set. I'm getting an error from the server complaining of an empty token. If I remove the setting of the header, then I still get the same error on the server. So the error I get when I set the header is the same as when I don't. So it's as if the header is not being set.

Anyone else having issues with cy.intercept and POST?

[flotwig]

What version are you using? I wonder if this is a CORS issue, there have been some changes that automatically set CORS responses recently that may help if so. Try updating if you're not on the latest.

[arananegra]

I'm having the same issue. For some reason the request is triggering the basic auth prompt. I've tried using both the "auth" object and adding the Authorization header.

			cy.intercept(
				{
					method: 'POST',
					url: Cypress.env('API_BASE_DEVELOPERS_URL') + '/author/login',
					auth: {
						username: '1234',
						password: '1234',
					},
				},
				(req) => {
					req.headers['Authorization'] = `Basic MTIzNDoxMjM0`;
					req.continue((res) => {
						res.send({
							statusCode: 200,
							body: {
								data: {
									id: 1,
									username: 'username',
									author: 0,
									extern: 0,
									staff: 0,
									mail: '[email protected]',
									signUpTimestamp: Date.now(),
									acceptedTerms: 1,
									lastAccess: Date.now(),
									translator: 1,
									translatorMod: 0,
									organizationName: 'SA',
									organizationID: 208,
								},
							},
						});
					});
				}
			);

Which end up:

[oleg-dev]

It can be related with the redirection.
For example: you request the one URL and set for this URL basic auth, but this URL redirects to another URL/URLs and the last URL requests input of login and password.
I tried to fix it with interceptors (adding headers with Basic auth), but it was not successfully (
Now I am finding fix for it (