jQuery的CORS内容类型选项 [英] jQuery CORS Content-type OPTIONS

问题描述

我和发送使用jQuery CORS使用自定义内容类型AJAX的身体要求的问题。 这是我的code：

I have issue with sending AJAX body request using jQuery CORS with custom Content-type. Here's my code:

$.ajax({
  url: "http://some-other-domain/my-path",
  type: "POST",
  contentType: "application/json",
  dataType: "json",
  data: JSON.stringify({
    key: 1,
    key2: 2
  }),
  statusCode: {
    200: function(data) {
    }
  },
  xhrFields: {
    withCredentials: true
  },
  crossDomain: true
});

我需要设置内容类型为应用程序/ JSON，因为它是需要服务器端。但是，而不是发送请求的POST jQuery的将它作为选择。

I need to set Content-type as "application/json" as it's require server side. But instead of sending request as POST jQuery sends it's as OPTIONS.

下面是一个头文件：

响应头：

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 03:00:00 EET
Set-Cookie: JSESSIONID=BB9D6783E58FB0F2ADE1924A2F0CBA52; Path=/
Content-Type: text/html;charset=UTF-8
Content-Length: 6233
Date: Fri, 07 Sep 2012 14:41:13 GMT

请求报头：

OPTIONS /my-path HTTP/1.1
Host: MY-HOME-NAME
User-Agent: MY_USER_AGEMT
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Origin: HERE-GOES-DOMAIN
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Pragma: no-cache
Cache-Control: no-cache

CORS的伟大工程，所有必需的头是由服务器发送的，但如果它发出按选项类型。 它是jQuery的问题？

CORS works great, all required headers are sends by server, but not if it sends by OPTIONS type. Is it jQuery issue?

jQuery的 - 1.8.1

jQuery - 1.8.1

推荐答案

这OPTIONS请求是CORS preflight请求。它是发送到服务器的实际请求之前，以问权限进行请求的请求。自定义内容类型实际上是触发preflight。按照CORS规范（ http://www.w3.org/TR/cors/ ），任何内容 - 类型的等的不是应用程序/的X WWW的形式，urlen codeD，多部分/表单数据，或纯文本/触发preflight。

This OPTIONS request is the CORS preflight request. It is a request that is sent to the server before the actual request in order to ask permissions to make the request. The custom Content-Type is in fact triggering the preflight. According to the CORS spec (http://www.w3.org/TR/cors/), any Content-Type other than application/x-www-form-urlencoded, multipart/form-data, or text/plain triggers the preflight.

如果您有在远程服务器上无法控制，那么你就需要或者要求他们支持CORS preflight，或尝试一些其他的选项，如JSON-P。

If you have no control over the remote server, then you'll need to either ask them to support CORS preflight, or try some other option such as JSON-P.

如果你确实有通过远程服务器控件，你可以改变它来处理preflights。为了处理preflight的要求，你应该发送下列头的响应OPTIONS请求：

If you do have control over the remote server, you can change it to handle preflights. In order to handle a preflight request, you should send the following headers in the response to the OPTIONS request:

Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST
Access-Control-Allow-Headers: Content-Type

的响应应该是一个HTTP 200 访问控制 - 允许 - 方法响应头可以呼应访问控制的价值 - 请求法，也可以只是 GET，POST，PUT，DELETE 来支持所有方法。该访问控制 - 允许 - 头响应头应该呼应的访问控制请求报头值请求头。

The response should be an HTTP 200. The Access-Control-Allow-Methods response header can either echo the value of the Access-Control-Request-Method, or it can just be GET, POST, PUT, DELETE to support all methods. The Access-Control-Allow-Headers response header should echo the values in the Access-Control-Request-Headers request header.

在浏览器收到这些头文件，它会使实际的请求。您可以了解更多关于CORS preflight请求位置：

Once the browser receives those headers, it will make the actual request. You can learn more about CORS preflight requests here:

<一个href="http://www.html5rocks.com/en/tutorials/cors/">http://www.html5rocks.com/en/tutorials/cors/

这篇关于jQuery的CORS内容类型选项的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！