javascript - 如何设置 Http 请求 header 中的值

Question

我正在处理跨源请求来访问我的restful API，所以我想在每个请求的http请求 header 中设置“授权”字段，但不会在 header 中设置...所以这里做错了什么？

我的app.js

'use strict';

var app = angular.module('samepinch', [
    'ngResource',
    'ngCookies',
    'ui.router',
    'toaster',
    'ui.bootstrap',
    'oc.lazyLoad',
    'samepinch.controllers',
    'samepinch.directives',
    'samepinch.factory',
    'samepinch.services',

    // Added in v1.3
    'FBAngular',
    'Config',
    'samepinch.login',
    'samepinch.item',
    'samepinch.common'
]);

angular.module('samepinch.login',[]);
angular.module('samepinch.item',[]);
angular.module('samepinch.common',[])

app.run(function($http)
{
      $http.defaults.headers.common.Authorization = '';
    // Page Loading Overlay
    public_vars.$pageLoadingOverlay = jQuery('.page-loading-overlay');

    jQuery(window).load(function()
    {
        public_vars.$pageLoadingOverlay.addClass('loaded');
    })
});

Controller 是

angular.module('samepinch.login').controller('LoginController',['$scope','LoginService','$rootScope','$http',function($scope,LoginService,$rootScope,$http){

    $rootScope.isLoginPage        = true;
    $rootScope.isLightLoginPage   = false;
    $rootScope.isLockscreenPage   = false;
    $rootScope.isMainPage         = false;

    $scope.register = function(credentials){
        $http.defaults.headers.common.Authorization = 'dfdfdf';
        LoginService.post(credentials,function(success){

        },function(error){

        });
    }

}]);

我的服务是

'use strict';


angular.module('samepinch.login').factory('LoginService', ['$resource','$enviornment', function ($resource,$enviornment) {
    var url = $enviornment.backendurl;
     return $resource(url+'authenticate',{},{
         query: {
             method:'GET', 
             params:{itemId:''}, 
             isArray:true
         },
         post: {
             method:'POST',
             headers: {
                  'Authorization': 'Basic dGVzdDp0ZXN0',
                  'Content-Type': 'application/json'
            }
         },
         update: {
             method:'PUT', params: {itemId: '@entryId'}
         },
          remove: {
              method:'DELETE'
          }
     });
}]);

我的 Http 请求看起来像

Remote Address:127.0.0.1:8080
Request URL:http://localhost:8080/api/v1/authenticate
Request Method:OPTIONS
Status Code:401 Unauthorized
Request Headersview source
Accept:*/*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:accept, authorization, content-type
Access-Control-Request-Method:POST
Cache-Control:no-cache
Connection:keep-alive
Host:localhost:8080
Origin:http://localhost:9006
Pragma:no-cache
Referer:http://localhost:9006/
User-Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36
Response Headersview source
Access-Control-Allow-Methods:POST, GET, OPTIONS, DELETE,PUT
Access-Control-Allow-Origin:*
Access-Control-Max-Age:3600
Cache-Control:no-cache, no-store, max-age=0, must-revalidate
Content-Length:0
Date:Wed, 22 Jul 2015 07:52:15 GMT
Expires:0
Pragma:no-cache
Server:Apache-Coyote/1.1
X-Content-Type-Options:nosniff
X-Frame-Options:DENY
X-XSS-Protection:1; mode=block

因此 header 中未设置“授权”字段。请帮助我，我在这里缺少什么

Answer 1

此日志用于 OPTIONS 请求

请求方法:选项

首先，您需要将服务器设置为对 OPTIONS 调用返回 200 OK，然后将发送带有正确参数的 POST 调用

在此处查找说明 http://enable-cors.org/如何在您的架构上配置 CORS(包括 OPTIONS 请求)