在授权标头和CORS中使用访存 [英] Using Fetch with Authorization Header and CORS

问题描述

我正在尝试获取我似乎无法正常工作的在线游戏API的请求.我使用的是 Fetch API，有些请求需要 Authorization Bearer令牌，但是该请求永远不会与授权标头一起发送.

I'm trying to get my request to go through to a online game API that I can't seem to get working. I'm using the Fetch API, and some request require Authorization Bearer token, but the request never gets sent with the authorization header.

我尝试过

mode: 'no-cors',
credentials: 'include'

并且显然将Authorization放在标题中，就像这样

and obviously putting the Authorization in the header like so

header: { 'Authorization': 'Bearer TOKEN' }

，但请求仍未获得授权.谁能指出我正确的方向?

but the request still does not go with the authorization. Can anyone point me in the right direction?

编辑 这是我发出请求的方式

EDIT Heres the way I am making the request

fetch(URL, {
  credentials: 'include',
  header: {
    'Authorization': 'Bearer TOKEN'
  }
})

推荐答案

阅读文档

可以通过查询参数或HTTP标头传递密钥.激战API 服务器不支持预检的CORS请求，因此，如果您的 应用程序正在用户的浏览器中运行，您需要使用 查询参数.

Keys can be passed either via query parameter or HTTP header. Guildwars API servers do not support preflighted CORS requests, so if your application is running in the user's browser you'll need to use the query parameter.

要通过查询参数传递信息，请在您的 请求.

To pass via query parameter, include "?access_token=" in your request.

这篇关于在授权标头和CORS中使用访存的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！