GET与Postman合作，但没有与Ajax合作？ [英] GET working with Postman, but not with Ajax?

问题描述

我正在尝试从托管某些帐户数据的服务器执行简单的GET请求。该请求需要Authorization标头才能正常运行。我已经执行了GET请求并在Postman中成功检索了数据，但是尝试通过Ajax在Javascript中执行此操作会导致无效的HTTP状态代码405错误。

I'm attempting to do a simple GET request from a server hosting some account data. The request requires an Authorization header in order to function correctly. I have performed the GET request and retrieved the data successfully in Postman, but attempting to do so in Javascript via Ajax results in a "Invalid HTTP status code 405" error.

下面是一个小提琴的链接和邮差设置的屏幕截图。谢谢。！

Below is a link to a fiddle and a screenshot of the Postman settings. Thanks.!

$.ajax({
    beforeSend: function(xhrObj){
            xhrObj.setRequestHeader("Authorization","Bearer tj7LTLycpQC6DRup5BkHUO7uVbYaAZI40");
    },
    type: "GET",
    url: "https://api05.iq.questrade.com/v1/accounts",
    success: function(e){
            console.log(e)
    }
});

http://jsfiddle.net/Ldjbp2j8/1/

POSTMAN SETTINGS

推荐答案

来自Chrome的JS控制台：

From Chrome's JS console:

无法加载资源：服务器响应状态为405（方法不允许）

Failed to load resource: the server responded with a status of 405 (Method Not Allowed)

由于您要添加授权标头，因此您已将请求复杂。这需要浏览器制作预检OPTIONS请求请求发送复杂请求的权限。

Because you are adding an Authorization header, you have made the request complex. This requires the browser to make a preflight OPTIONS request to ask for permission to send the complex request.

您发出请求的服务器正在回复说OPTIONS请求不允许访问该URL。

The server you are making the request to is responding saying that OPTIONS requests are not allowed to that URL.

您需要修改服务器，以便它对预检CORS请求作出适当的响应。

You will need to modify the server so that it responds appropriately to the preflight CORS request.

Postman不需要发出预检请求，因为您的浏览器信任Postman的代码。它不知道它是否可以信任它从JSFiddle（AKA 潜在邪恶的黑客网站）收到的数据与数据api05.iq.questrade.com（AKA 潜在的网上银​​行或公司内联网）网站）愿意与之分享。

Postman doesn't need to make a preflight request because your browser trusts Postman's code. It doesn't know if it can trust the code it received from JSFiddle (AKA potential evil hacker site) with the data api05.iq.questrade.com (AKA potential online banking or company Intranet site) is willing to share with it.

这篇关于GET与Postman合作，但没有与Ajax合作？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！