Angular 2 REST请求HTTP状态代码401更改为0 [英] Angular 2 REST request HTTP status code 401 changes to 0
问题描述
我正在开发Angular2应用程序.看来,当我的访问令牌到期时,响应"对象中的401 HTTP状态代码被更改为0值.我收到401未经授权,但ERROR响应对象的状态为0.这使我无法捕获401错误并尝试刷新令牌.是什么原因导致401 HTTP状态代码更改为HTTP状态代码0?
I'm developing an Angular2 application. It seems when my access-token expires the 401 HTTP Status code gets changed to a value of 0 in the Response object. I'm receiving 401 Unauthorized yet the ERROR Response object has a status of 0. This is preventing me from trapping a 401 error and attempting to refresh the token. What's causing the 401 HTTP status code to be changed into HTTP status code of 0?
这是Firefox控制台的屏幕截图:
Here's screenshot from Firefox's console:
这是我的代码:
get(url: string, options?: RequestOptionsArgs): Observable<any>
{
//console.log('GET REQUEST...', url);
return super.get(url, options)
.catch((err: Response): any =>
{
console.log('************* ERROR Response', err);
if (err.status === 400 || err.status === 422)
{
return Observable.throw(err);
}
//NOT AUTHENTICATED
else if (err.status === 401)
{
this.authConfig.DeleteToken();
return Observable.throw(err);
}
else
{
// this.errorService.notifyError(err);
// return Observable.empty();
return Observable.throw(err);
}
})
// .retryWhen(error => error.delay(500))
// .timeout(2000, new Error('delay exceeded'))
.finally(() =>
{
//console.log('After the request...');
});
}
此代码位于自定义的http服务中,该服务扩展了Angular2的HTTP,因此我可以在单个位置拦截错误.
This code resides in a custom http service that extends Angular2's HTTP so I can intercept errors in a single location.
在Google Chrome浏览器中,我收到以下错误消息:
In Google Chrome, I get this error message:
XMLHttpRequest无法加载 https://api.cloudcms.com/repositories/XXXXXXXXXXXXXXXX/branches/XXXXXXXXXXXXXXXX/nodesXXXXXXXXXXXXXXXX .所请求的资源上没有"Access-Control-Allow-Origin"标头.因此,不允许访问来源" http://screwtopmedia.local.solutiaconsulting.com .响应的HTTP状态码为401.
XMLHttpRequest cannot load https://api.cloudcms.com/repositories/XXXXXXXXXXXXXXXX/branches/XXXXXXXXXXXXXXXX/nodesXXXXXXXXXXXXXXXX. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://screwtopmedia.local.solutiaconsulting.com' is therefore not allowed access. The response had HTTP status code 401.
这令人困惑,因为我在请求中包含"Access-Control-Allow-Origin"标头.
This is confusing because I am including 'Access-Control-Allow-Origin' header in request.
以下是在Google Chrome浏览器中收到的结果的图片:
Here's a picture of results received in Google Chrome:
我尝试访问"WWW-Authenticate"响应标头作为捕获401的一种方法.但是,以下代码返回NULL:
I've tried accessing 'WWW-Authenticate' Response Header as a means to trap for 401. However, the following code returns a NULL:
err.headers.get("WWW-Authenticate")
令人困惑的是,我遇到了CORS问题,因为在提供有效的访问令牌时我没有遇到任何CORS错误.
It's puzzling that I'm getting a CORS issue because I'm not getting any CORS errors when a valid access token is provided.
如何捕获401 HTTP状态代码?为什么将401 HTTP状态代码更改为0?
How do I trap for 401 HTTP status code? Why is 401 HTTP status code being changed to 0?
感谢您的帮助.
推荐答案
我为Cloud CMS工作.我可以确认我们在API调用上正确设置了CORS标头.但是,对于401响应,标头未正确设置.该问题已解决,该修复程序将在本周末在公共API上提供.
I work for Cloud CMS. I can confirm that we properly set CORS headers on API calls. However, for 401 responses the headers are not getting set properly. This has been resolved and the fix will be available on the public API at the end of this week.
顺便说一句,如果您使用我们的JavaScript驱动程序 https://github.com/gitana/gitana-javascript -driver 而不是直接写入API,而是自动处理重新认证流程,您根本不需要捕获401错误.
BTW if you use our javascript driver https://github.com/gitana/gitana-javascript-driver instead of writing to the API directly then the re-auth flow is handled automatically and you do not need to trap 401 errors at all.
这篇关于Angular 2 REST请求HTTP状态代码401更改为0的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
