Description
At the moment there is no possibility in the proxy to request resources that need authorization. If you add 'authorization' headers those are meant for access of the proxy.php file and will be filtered by most web servers like apache, iis or nginx. Each them have abilities to turn this option off. But I don't think that is a proper solution because you might want to protect the proxy with authorization, too - Therefore you need two different authorization headers.
I needed a solution for this, so i researched a little bit and encounterd the 'Proxy-Authorization' and 'Proxy-Authenticate' headers which would normally be fitting perfectly for this cause - but this is not meant to be used in scripts running inside the browser. For security reasons. The w3 standard prohibts using any header starting with 'Proxy-'.
So I created a solution in our version of the proxy which uses a custom http header named 'X-Proxy-Forward-Authorization' where the authorization information can be saved which will be used to access the resource.
If you are interested i can provide a pull request.