我可以在跨域json请求中设置标头吗？ [英] Can I set headers in cross domain json requests?

问题描述

我已经在互联网上做了一些研究，但我没有设法得到关于这个主题的完整的图片。任何人都可以帮助现在和永远解决这个答案？

这是我到目前为止发现的：

• 可以使用jsonp进行跨域调用。不允许在jsonp调用中更改标头


• 如果服务器允许，可以与json进行跨域调用。

这是我想要做的：

  $。ajax（{
类型：GET，
 crossDomain：true，
 beforeSend：function（request）{
 request.setRequestHeader（Authorization，Bearer+（$（＃accesstoken）。 val（）））; 
}，
 contentType：application / json; charset = utf-8，
 url：myJSonServer + encodeURI（operation），
 dataType： json'，
 cache：false，
 success：callback，
 error：function（jqXhr，textStatus，errorThrown）{alert（textStatus +：+ errorThrown）;} 
 }）; 
  

这是发生了什么：

• 当myJSonServer在同一个域上时，根本没有问题。


• 当myJSonServer位于另一个域上时，会发送请求，

此承载标头是oAuth2标准的一部分。

我知道这个事实，也许这不是最好的解决方案，在浏览器中设置accessToken。我知道我可以使用代理这种情况。

我只是好奇，如果它是或将可能设置标题跨域json请求？

感谢

- 问题已解决

我使用MVC4并添加crossDomainScriptAccessEnabled = true在web.config中。我认为这是足够的，但apsillers的答案解决了我的问题。我现在添加了这在我的web.config：

 < system.webServer> 
< httpProtocol> 
< customHeaders> 
< add name =Access-Control-Allow-Originvalue =*/> 
< add name =Access-Control-Allow-Headersvalue =Authorization/> 
< / customHeaders> 
< / httpProtocol> 
< /system.webServer> 
  

解决方案

使用JSONP，无法设置自定义标题。 / p>

对于CORS，服务器必须发送 Access-Control-Allow-Headers 客户。从 HTML5 Rocks CORS页面：

Access-Control-Allow-Headers ... - 以逗号分隔的支持的请求标头列表。

< blockquote>

因此，您的服务器必须发送一个 Access-Control-Allow-Headers：Authorization ，让浏览器知道向请求的服务器发送授权。没有这个服务器头，浏览器只会发送一些与请求的公共头，并忽略其余。

I have done some research on the internet, but I didn't manage to get the complete picture about this subject. Can anyone help to solve this answer for now and forever?

This is what I found so far:

• It is possible to do cross domain call with jsonp. Altering headers in jsonp call is never allowed
• It is possible to do cross domain call with json if the server allows it.

This is what I am trying to do :

$.ajax({
    type: "GET",
    crossDomain: true,
    beforeSend: function (request) {
        request.setRequestHeader("Authorization", "Bearer " + ($("#accesstoken").val()));
    },
    contentType: "application/json; charset=utf-8",
    url: myJSonServer + encodeURI(operation),
    dataType: 'json',
    cache: false,
    success: callback,
    error: function (jqXhr, textStatus, errorThrown) { alert(textStatus + ": " + errorThrown); }
});

This is what is happening:

• When the myJSonServer is on the same domain, there is no problem at all
• When the myJSonServer is on another domain the request is sent, but without the Bearer header

This Bearer header is part of the oAuth2 standard.

I'm aware of the fact that maybe this is not the best solution, setting the accessToken in the Browser. And I know I could use a proxy for this situation.

I am just curious if it is or will be possible to set the headers on a cross-domain json request?
Thanks

-- Problem solved

I was using MVC4 and added crossDomainScriptAccessEnabled="true" in the web.config. I thought this would be enough, but the answer of apsillers solved my problem. I have now added this in my web.config :

 <system.webServer>
     <httpProtocol>
         <customHeaders>
        <add name="Access-Control-Allow-Origin" value="*" />
        <add name="Access-Control-Allow-Headers" value="Authorization" />
         </customHeaders>
      </httpProtocol>
   </system.webServer>

解决方案

With JSONP, setting custom headers is not possible.

With CORS, the server must send the Access-Control-Allow-Headers header to allow uncommon request headers from the client. From the HTML5 Rocks CORS page:

Access-Control-Allow-Headers ... - Comma-delimited list of the supported request headers.

Thus, your server must send a Access-Control-Allow-Headers: Authorization to let the browser know it is permissible to send Authorization to the server with the request. Without this sever header, the browser will only send a few common headers with the request and ignore the rest.

这篇关于我可以在跨域json请求中设置标头吗？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！