带有HTTP授权的Chrome扩展中的XMLHttpRequest在常规页面上继续发送授权标题 [英] XMLHttpRequest in Chrome Extension with HTTP Authorization continues to send Authorization Header on regular pages
问题描述
我有一个后台页面来处理所有的XMLHttpRequests到API。我没有使用OAuth,而是使用API令牌的基本HTTP授权。
在我的后台页面中,我会这样做:
var xmlReq = new XMLHttpRequest();
xmlReq.onreadystatechange = function(){doSomething(xmlReq.responseXML); };
xmlReq.open(
'GET',
'https://mycompany.basecamphq.com/projects.xml',
true,
access_token,
'x'
);
xmlReq.send(null);
这一切都正常,但问题出在我使用扩展发出请求之后,HTTP请求标题每当我浏览至 https://mycompany.basecamphq.com 时都会发送授权,这些授权不会使某些内容在Basecamp的Web界面上工作。我怎样才能在我的扩展与基本的HTTP授权请求,但没有在我的普通浏览器请求头?
是的,令人困惑的问题。如果您有任何问题,我会尽力澄清。谢谢
我相信我已经想出了一个解决方案。通过使用xmlhttpresponse.setRequestHeader()函数,如果我手动设置授权标头,它不会保持持久性。
因此,使用上述代码的修改版本:
xmlReq.open(
'GET',
'https://mycompany.basecamphq.com/projects .xml',
true);
xmlReq.setRequestHeader(Authorization,Basic+ base64_encode(access_token +:x));
xmlReq.send(null);
我使用了phpjs.org库中的base64_encode函数。
I am working on a chrome extension that works with the Basecamp API.
I have a background page doing all my XMLHttpRequests to the API. I'm not using OAuth, but the basic HTTP Authorization with the API Token.
In my background page, I will do requests like this:
var xmlReq = new XMLHttpRequest();
xmlReq.onreadystatechange = function(){ doSomething(xmlReq.responseXML); };
xmlReq.open(
'GET',
'https://mycompany.basecamphq.com/projects.xml',
true,
access_token,
'x'
);
xmlReq.send(null);
That all works fine, but the problem is after I use the extension to make a request, the HTTP Request header Authorization is being sent whenever I browse to https://mycompany.basecamphq.com, which make certain things not work on Basecamp's web interface. How can I make a request in my extension with basic HTTP Authorization but not have the header in my regular browser requests?
Yeah, confusing question. I'll try to clarify it if you have questions. Thanks
I believe I have figured out a solution.
By using the xmlhttpresponse.setRequestHeader() function, if I manually set the authorization header, it doesnt stay persistent.
So using this modified version of the above code:
xmlReq.open(
'GET',
'https://mycompany.basecamphq.com/projects.xml',
true);
xmlReq.setRequestHeader("Authorization", "Basic "+base64_encode(access_token+":x"));
xmlReq.send(null);
I used the base64_encode function found in the phpjs.org library.
这篇关于带有HTTP授权的Chrome扩展中的XMLHttpRequest在常规页面上继续发送授权标题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!