浏览器不遵循从Ajax响应重定向（PHP生成的响应使用CAS认证） [英] Browser doesn't follow redirect from an AJAX response (PHP-generated response is using CAS authentication)

问题描述

好了，它看起来像我与我最初的问题是错误的。所以，这里有一些修正。答案仍然适用，因为当没有在协议HTTPS的变化（SSL）第二重定向被停止。

Ok, It looks like I made a mistake with my initial question. So, here are some corrections. The answer still applies, because the second redirect is stopped when there is a change in protocol to HTTPS (SSL).

在我的情况，我有一个重定向发生多次，浏览器不遵循第二重定向。 第一重定向之后，但返回一个错误。

In my case, I have a redirect occurring multiple times, and the browser doesn't follow the second redirect. The first redirect is followed but returns an error.

我继续读了自动跟随包含的JavaScript重定向AJAX响应，但它看起来就像没有我的情况。第一重定向自动执行浏览器，并且所述第一重定向而不以下在标题中的第二重定向返回。我的问题是，我要自动执行所有的浏览器的重定向。

I keep reading that JavaScript AJAX responses containing redirects are followed automatically, but it look like not in my case. The first redirect is automatically followed by the browser, and the first redirect is returned without following the second redirect in the header. My problem is that I want all the redirects to be automatically followed by the browser.

在重定向是phpCAS库的一部分。我有一个PHP编写的API，它在返回结果前检查用户身份验证，每个时间。

The redirects are part of the phpCAS library. I have an API written in PHP which checks the user authentication, each time, before returning the results.

下面是该序列。主要是要注意的是，浏览器返回第二反应，之后1重定向之后。我想preFER它去一路返回的最后一个回应时，我做一个AJAX调用本地主机/例子/ API 。

Here is the sequence. The main thing to note is that the browser returns the second response, after following 1 redirect. I would prefer it went all the way and returned the last response when I make an AJAX call to localhost/example/api.

本地主机/例子

• 呼叫本地主机/例子/ API 使用jQuery.ajax（）

• Calls localhost/example/api using jQuery.ajax()

回应1：本地主机/例子/ API

• 重定向到的https：//本地主机/帐号/ CAS /登录服务= api.example.com和放大器;网关=真（使用SSL）
。

• Redirects to https://localhost/accounts/cas/login?service=api.example.com&gateway=true (using SSL).

响应2：？（SSL）本地主机/帐号/ CAS /登录服务= api.example.com和放大器;网关=真

• 当查询键门户是present，登录只需重定向回带或不带票所提供的服务项中的URL（信号以服务用户正在登录时或不）。

回应3：本地主机/ API票= TICKET

• 验证车票和重定向回自己没有票。

响应4：本地主机/ API

• 这一次的CAS客户端着眼于$ _SESSION记住什么票了，然后处理API请求返回JSONP。

还有我使用的是CAS过的OpenID或OpenAuth（orization）没有特别的理由。 CAS只是第一个验证模块我能得到在Word preSS工作。我愿意接受建议，使用不同的认证库，CMS，框架等。虽然，我的希望是刚刚得到这个项目建成后的条款。因此，少重工装越好。

There's no particular reason I'm using CAS over OpenID or OpenAuth(orization). CAS was just the first authentication module I was able to get working in WordPress. I am open to suggestions in terms of using a different authentication library, CMS, framework, etc. Although, my hope is to just get this project finished. So the less re-tooling the better.

推荐答案

正如你后来发现自己是在您的评论加入，Ajax请求受到的同源策略。

As you later found yourself as you added in your comments, ajax requests are subject to same origin policy.

是的，你可以使用JSONP - 但是，如果你足够幸运，有只支持IE8及以上，的 CORS 可能是一个更好的解决方案。

Yes, you could use JSONP - however, if you are fortunate enough to have to support only IE8 and upwards, CORS might be a better solution.

基本上，添加标题如

access-control-allow-origin: http://api.example.com
access-control-allow-credentials: true

到你的服务器的回答，您可以解决跨起源策略。

to your server answer, you could work around cross origin policy.

另请参阅此 jQuery的门票使它有点用jQuery工作。

Also see this jQuery ticket to make it kinda work with jQuery.

这篇关于浏览器不遵循从Ajax响应重定向（PHP生成的响应使用CAS认证）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！