是否有可能使JavaScript和设置自定义页眉跨域请求？ [英] Is it Possible to Make Cross-Domain Requests in Javascript AND Set Custom Headers?

问题描述

由于无法应用自定义页眉上JSONP调用 ，我怎么做跨域请求，并使用jQuery应用自定义页眉？

Since you can't apply custom headers on JSONP calls, how do I make cross domain requests AND apply custom headers using jQuery?

基本上，我试图访问谷歌文档与jQuery和需要通过身份验证令牌：

I'm basically trying to access google docs with jQuery and need to pass an authentication token:

var token = "my-auth-token";
$.ajax({
  url: "http://docs.google.com/feeds/documents/private/full?max-results=1&alt=json",
  dataType: 'json',
  beforeSend: function(xhr) {
    xhr.setRequestHeader("Authorization", "GoogleLogin auth=" + token);
  },
  success: function(data, textStatus, XMLHttpRequest) {
  },
  error: function(XMLHttpRequest, textStatus, errorThrown) {
  }
});

请注意：这样做的目的是的完全的绕过应用层。这是简单的使用Ruby连接到谷歌数据API，但它占用了大量的资源解析提要所有的时间服务器端。

Note: The goal of this is to completely bypass the application layer. It's simple to use ruby to connect to the Google Data API, but it takes up a lot of resources parsing feeds all the time server-side.

推荐答案

您可以使用谷歌的JavaScript客户端库查询文档的API。虽然没有附带帮手文档具体而言，它仍然可以用于大多数的API，包括文档。看到这个博客文章由谷歌的员工表示工作的例子。

You can use Google's JavaScript client library to query the Docs API. Although it doesn't come with helpers for Docs specifically, it can still be used with most APIs, including Docs. See this blog post by a Google employee that shows a working example.

如果你最终在授权的无限循环，看到这的有关从谷歌小组的问题。基本上，饼干没有得到设定速度不够快，所以当客户端的JavaScript库检查，发现没有什么和重定向到OAuth的认证页面。一个解决办法是要么增加一个小的延迟检查完成之前，或使用登录按钮启动在页面加载做它的授权来代替。

If you end up in an infinite loop of authorizations, see this related question from Google groups. Basically, the cookies aren't getting set fast enough, so when the JavaScript client library checks, it finds nothing and redirects to the OAuth authorization page. A solution is to either add a small delay before the check is done, or use a login button that initiates the authorization instead of doing it on page load.

您还需要任何图像添加到您的网页驻留在同一个域。它可以隐藏利用CSS，只要在DOM

You would also need to add any image to your page that resides on the same domain. It can be hidden with CSS, as long as in the DOM.

使用上述博客文章的例子，我能找回我的文档列表的JavaScript孤单。下面是修改后的初始化函数我曾经摆脱了无限授权循环的：

Using the example in the above blog post, I was able to retrieve my documents list with JavaScript alone. Here's the modified initialize function I used to get rid of the infinite authorization loop:

function initialize() {
    var scope = 'http://docs.google.com/feeds/';

    if (google.accounts.user.checkLogin(scope)) {
        var service = new google.gdata.client.GoogleService('writely', 'DocList-App-v1.0');   
        service.getFeed(scope + 'documents/private/full/', handleFeed, handleError);  
    } else {
        var loginButton = $("<button>Click here to login</button>");
        loginButton.click(function() {
            var token = google.accounts.user.login(scope); // can ignore returned token  
        });
        $("body").append(loginButton);
    }
};  
​

这篇关于是否有可能使JavaScript和设置自定义页眉跨域请求？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！