API密钥头不发送（或认可）。 Angularjs [英] API-key header is not sent (or recognized). Angularjs

问题描述

我试图访​​问与AngularJS的API，但我得到了以下错误：

I'm trying to access an API with AngularJS but I get the following error:

XMLHttpRequest cannot load http://www.football-data.org/alpha/soccerseasons/398/leagueTable?callback=JSON_CALLBACK. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://purepremier.com' is therefore not allowed access.

这是我的code的服务：

This is my code for the service:

angular.module('PremierLeagueApp.services', []).
  factory('footballdataAPIservice', function($http) {

    var footballdataAPI = {};

    footballdataAPI.getTeams = function() {
        $http.defaults.headers.common['Auth-Token'] = 'token';
      return $http.get('http://www.football-data.org/alpha/soccerseasons/398/leagueTable?callback=JSON_CALLBACK');
    };
    return footballdataAPI;
  });

我使用的认证令牌（API密钥）来访问API，但是根据API老板这个API密钥头不发送或认可。你有什么想法，我怎么能适应code，使这项工作？谢谢！

I use an authentication token (api key) to access the api, but according the API owner this API key header is not sent or recognized. Do you have any idea how I can adapt the code to make this work? thanks!

推荐答案

您应该隐藏在公共网站上发布，如在此之前该API密钥。我劝你重新生成密钥（如果可能），以防万一 - 有备无患

You should hide that API key before posting on a public site such as this. I would advise you regenerate your key (if possible) just in case - better safe than sorry.

假设你的网站的网址为 HTTP：//pure$p$pmier.com '从错误信息时，API应该增加一个'访问控制允许来源标头与您的网站的网址，让您的访问。看看<一个href=\"http://stackoverflow.com/questions/10636611/how-does-access-control-allow-origin-header-work\">here了解更多信息。

Assuming your site url is 'http://purepremier.com' from the error message, the API should add a 'Access-Control-Allow-Origin' header with your site URL to allow you access. Have a look here for more information.

这是没有直接关系到你的问题，但我注意到你正在设置$ HTTP默认每次getTeams（）被调用。您应该（在href=\"https://docs.angularjs.org/guide/module\" rel=\"nofollow\">运行块

This is not directly related to your problem, but I notice you are setting $http defaults every time getTeams() is called. You should either set this outside of the actual function call (preferably in a run block), or just send the GET request with that header specifically applied. As the API key is specific (I assume) to that call, you may not want to be sending it to anyone and everyone, every time you make a HTTP request.

这篇关于API密钥头不发送（或认可）。 Angularjs的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！