无法使用Cors和Ajax设置标头 [英] Can't set a header using Cors and Ajax
本文介绍了无法使用Cors和Ajax设置标头的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
您好,我试图用Basic Auth做一个http请求,但我不能设置头授权,并允许在服务器。 / p>
$ .ajax({
xhrFields:{withCredentials:true},
beforeSend:function(xhr){xhr.setRequestHeader('authorization','Basic cmFmmFuQHBoaWlubm92YXRpb25zLmNv =');},
url:'http://www.vozi.dev.br/api/audio'
type:'POST',
data:JSON.stringify(sender),
dataType:'json',
contentType:'application / json',
success :function(data,textStatus,jqXHR){
// do something
}
}
Http请求标题:
Accept:* / *
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en; q = 0.8,pt; q = 0.6
访问控制请求头:接受,授权,内容类型
访问控制请求方法:POST
连接:keep-alive
主机:www.vozi.dev .br
原产地:http:// localhost:8080
Referer:http:// localhost:8080 / act_text.jsp
User-Agent:Mozilla / 5.0(X11; Linux i686)AppleWebKit /537.36(KHTML,like Gecko)Chrome / 31.0.1650.57 Safari / 537.36
Http Response Header: / p>
访问控制允许头:接受,授权,内容类型
访问控制 - 允许方法: GET,POST,OPTIONS
Access-Control-Allow-Origin:*
cache-control:no-cache
连接:Keep-Alive
Content-Type:text / html; charset = UTF-8
日期:Wed,14 May 2014 20:15:53 GMT
Keep-Alive:timeout = 5,max = 100
服务器:Apache / 2.4.6 )
Set-Cookie:PHPSESSID = k6gg748e47b2fv67;路径= /
传递编码:chunked
www-authenticate:基本realm =安全区域
x-debug-token:5373cef9430fe
X-Powered- 5.5.3-1ubuntu2
错误:
选项http://www.vozi.dev.br/api/audio 401(在SecurityContext中找不到令牌。)jquery.js:8706
选项http: //www.vozi.dev.br/api/audio HTTP状态代码无效401 jquery.js:8706
XMLHttpRequest无法加载http://www.vozi.dev.br/api/audio。 HTTP状态代码无效401
解决方案
我发现不使用
Access-Control-Allow-Origin:*
如果我使用
withCredentials:true
必须设置原点。
Hello I am trying to do a http request with Basic Auth, but I can't set the header authorization and it is allowed in server.
Ajax :
$.ajax({
xhrFields: { withCredentials: true },
beforeSend: function(xhr){xhr.setRequestHeader('authorization', 'Basic cmFmmFuQHBoaWlubm92YXRpb25zLmNv=');},
url : 'http://www.vozi.dev.br/api/audio',
type: 'POST',
data: JSON.stringify(sender),
dataType: 'json',
contentType: 'application/json',
success : function(data, textStatus, jqXHR) {
//do something
}
});
Http Request Header:
Accept:*/*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8,pt;q=0.6
Access-Control-Request-Headers:accept, authorization, content-type
Access-Control-Request-Method:POST
Connection:keep-alive
Host:www.vozi.dev.br
Origin:http://localhost:8080
Referer:http://localhost:8080/act_text.jsp
User-Agent:Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.57 Safari/537.36
Http Response Header:
Access-Control-Allow-Headers:accept, authorization, content-type
Access-Control-Allow-Methods:GET, POST, OPTIONS
Access-Control-Allow-Origin:*
cache-control:no-cache
Connection:Keep-Alive
Content-Type:text/html; charset=UTF-8
Date:Wed, 14 May 2014 20:15:53 GMT
Keep-Alive:timeout=5, max=100
Server:Apache/2.4.6 (Ubuntu)
Set-Cookie:PHPSESSID=k6gg748e47b2fv67; path=/
Transfer-Encoding:chunked
www-authenticate:Basic realm="Secured Area"
x-debug-token:5373cef9430fe
X-Powered-By:PHP/5.5.3-1ubuntu2
Error :
OPTIONS http://www.vozi.dev.br/api/audio 401 (A Token was not found in the SecurityContext.) jquery.js:8706
OPTIONS http://www.vozi.dev.br/api/audio Invalid HTTP status code 401 jquery.js:8706
XMLHttpRequest cannot load http://www.vozi.dev.br/api/audio. Invalid HTTP status code 401
解决方案
I find out that i can't use
Access-Control-Allow-Origin:*
if I am using
withCredentials: true
Is necessary to set the origin.
这篇关于无法使用Cors和Ajax设置标头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文