设置标头并使用$ http POST将数据发送到Pocket api返回CORS [英] setting headers and sending data with $http POST to pocket api returns CORS

问题描述

无法将HTTP发布请求发送到Pocket api以获取请求令牌.我已经有了使用者密钥.问题似乎出在设置标题和在请求中发送数据.在浏览器中查看该请求时，不显示任何标题和数据.

Unable to send a http post request to pocket api for obtaining the request token. I've got the consumer key already. The problem appears to be in setting the headers and sending the data in the request. The request when viewed in the browser displays none of the headers and the data.

配置请求

var req = {
        method:'POST',
        url:'https://getpocket.com/v3/oauth/request',
        headers: { 'Content-Type': "application/x-www-form-urlencoded; charset=UTF8",
                    'X-Accept':'application/x-www-form-urlencoded'
         },
         transformRequest: function(obj) {
            var str = [];
            for(var p in obj)
            str.push(encodeURIComponent(p) + "=" + encodeURIComponent(obj[p]));
            return str.join("&");
        },
        data: pocket_data
    };

    $http(req).then(function(result){console.log(result); 
    },function(error){
        console.log(error);
    });

来自浏览器的请求.我不明白为什么请求方法是OPTIONS而不是POST.

Request from the browser. I don't get why the request method is OPTIONS instead of POST.

Request URL:https://getpocket.com/v3/oauth/request
Request Method:OPTIONS
Status Code:400 Bad Request
Remote Address:52.0.87.91:443

已发送响应标头和请求标头.当我将内容类型设置为application/x-www-form-urlencoded时，我不明白为什么内容类型为text/html.

Response headers and Request headers sent. I don't get why the content-type is text/html when i've set it to application/x-www-form-urlencoded .

 **Response Headers**
view source
Cache-Control:private
Connection:keep-alive
Content-Length:15
Content-Type:text/html; charset=UTF-8
Date:Thu, 04 Feb 2016 07:22:35 GMT
Expires:Thu, 19 Nov 1981 08:52:00 GMT
P3P:policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
Pragma:no-cache
Server:Apache
Set-Cookie:PHPSESSID=ogqn0s0gmjpo24j6oo6rlj6vm6; path=/
Status:400 Bad Request
X-Error:Missing consumer key.
X-Error-Code:138
X-Source:Pocket
**Request Headers**
Accept:*/*
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:accept, content-type, x-accept
Access-Control-Request-Method:POST
Cache-Control:no-cache
Connection:keep-alive
Host:getpocket.com
Origin:http://localhost:9000
Pragma:no-cache
Referer:http://localhost:9000/create

我什至尝试将content-type设置为'application/json'，但是没有用. 口袋的api文档.

I've even tried setting content-type to 'application/json' , didn't work. The api documentation for pocket.

推荐答案

我遇到了同样的问题.似乎Pocket API没有启用CORS，因为响应不会随CORS标头一起返回(例如Access-Control-Allow-Origin:*)

I'm having the same problem. It looks like the Pocket API doesn't have CORS enabled, because the responses aren't coming back with CORS headers (e.g. Access-Control-Allow-Origin: *)

令人惊讶-我猜这个API主要是在考虑应用程序开发人员的情况下构建的，而不是Web开发人员?这也解释了为什么它可以与curl之类的命令行工具配合使用，因为它们没有与浏览器相同的跨域安全限制.

Kind of surprising - I guess this API is mostly built with app developers in mind, not web developers? This also explains why it works fine with command line tools like curl, because they don't have the same cross-domain security restrictions that browsers do.

这对您而言意味着，您必须编写一个服务器端组件，该组件与您的应用位于同一个域，并充当这些请求的代理.

What this means for you is that you'll have to write a serverside component living alongside the same domain as your app that acts as a proxy for these requests.

这篇关于设置标头并使用$ http POST将数据发送到Pocket api返回CORS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！