我想使用基本身份验证对 BigCommerce API ( https://developer.bigcommerce.com/api ) 进行 API 调用。
我的 AJAX 调用如下所示:
$.ajax({
type: 'GET',
url: 'https://store-zkk8z5i.mybigcommerce.com/api/v2/products',
xhrFields: {
withCredentials: true
},
headers: {
'Authorization': 'Basic ' + MY_TOKEN,
'Accept': 'application/json'
},
success: function (event) {
debugger
},
error: function (error) {
debugger
}
});
但我不断收到以下错误:
XMLHttpRequest cannot load https://store-zkk8z5i.mybigcommerce.com/api/v2/products. Response to preflight request doesn't pass access control check: A wildcard '*' cannot be used in the 'Access-Control-Allow-Origin' header when the credentials flag is true. Origin 'http://store-zkk8z5i.mybigcommerce.com' is therefore not allowed access. The credentials mode of an XMLHttpRequest is controlled by the withCredentials attribute.
我非常确定我的凭据没问题,因为当我使用 cURL 发出请求时,我得到了成功的响应。
有什么想法吗?
最佳答案
I'm pretty sure that my credentials are okay
这根本不是重点。查看错误信息:
A wildcard '*' cannot be used in the 'Access-Control-Allow-Origin' header when the credentials flag is true.
由于您要发送凭据,因此不能对 Access-Control-Allow-Origin
使用通配符。
您必须说 Access-Control-Allow-Origin: http://store-zkk8z5i.mybigcommerce.com
而不是 Access-Control-Allow-Origin: *
.
关于javascript - 由于 CORS,无法对 BigCommerce API 进行身份验证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/36167082/