Javascript ES6 modules not passing along .htaccess basic authentication

Question

When I run the following JavasScript, I can successfully log in but not access the modules. How can I pass the authentication to them?

Sample Code

<DOCTYPE html>
<html>  
<head>
    <meta charset="utf-8">
</head>  
<body>
    <script type="module">
        import * as mymodule from "./js/mymodule.js";
        mymodule.runme();
    </script>
</body>
</html>

Opening this with a .htaccess with basic authentication results in GET [...]mymodule.js [HTTP/1.1 401 Authorization Required 1ms] on Firefox 54 (dom.moduleScripts.enabled, it works without .htaccess).

.htaccess

AuthType Basic
AuthName "Internal Area"
AuthUserFile /opt/.../.htpasswd
Require valid-user

Answer 1

It seems that that the HTML is cached by Firefox and you do not authenticate to the server.

You can try the following:

---

Prevent html file caching. Add to .htaccess :

<filesMatch "\.(html)$">
  FileETag None
  <ifModule mod_headers.c>
     Header unset ETag
     Header set Cache-Control "max-age=0, no-cache, no-store, must-revalidate"
     Header set Pragma "no-cache"
     Header set Expires "Sat, 01 Jan 2000 00:00:00 GMT"
  </ifModule>
</filesMatch>

---

use PHP extension for instead of HTML

---