在使用服务堆栈对服务器进行跨域调用之前,我已成功通过身份验证并获取 token 。
现在我想再次调用来检索数据:
$.ajax({
beforeSend: function(xhr) {
xhr.setRequestHeader('Authorization', 'Basic ' + getToken());
},
type: "GET",
url: requestUrl,
xhrFields: {
withCredentials: true
},
async: true,
dataType: 'json',
crossDomain: true
})
当我查看 Google Chrome 开发工具控制台时,我看到了以下内容:
OPTIONS http://MyPc.company:82//customers 404 (Not Found)
OPTIONS http://MyPc.company:82//customers Invalid HTTP status code 404
XMLHttpRequest cannot load http://MyPc.company:82//customers.
Invalid HTTP status code 404 (index):1
当我查看 fiddler 时,我看到这个请求:
检查器 => 验证:不存在授权 header 。
检查员 => 原始:
OPTIONS http://MyPc.company:82//customers HTTP/1.1
Host: MyPc.company:82
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Access-Control-Request-Method: GET
Origin: http://MyPc.company
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36
Access-Control-Request-Headers: access-control-allow-origin, accept, access-control-allow-headers, authorization, access-control-allow-methods, content-type
Accept: */*
Referer: http://MyPc.company/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4
为什么未发送授权 header ?乍一看,这对我来说似乎是起源问题。
最佳答案
在 JavaScript 中
jQuery.support.cors = true;
function make_base_auth(user, password) {
var tok = user + ':' + password;
var hash = btoa(tok);
return "Basic " + hash;
}
function DoTest() {
var TestRequest = new Object();
TestRequest.name = "Harry Potter";
TestRequest.Id = 33;
var username = "admin";
var password = "test";
$.ajax({
type: 'Post',
contentType: 'application/json',
cache: false,
async: false,
url: serverIP + '/TestAPI/'+ TestRequest.Id,
data: JSON.stringify(TestRequest),
dataType: "json",
beforeSend: function (xhr) {
xhr.setRequestHeader("Authorization", make_base_auth(username, password));
},
success: function (response, status, xhr) {
var s= response.message;
},
error: function (xhr, err) {
alert(xhr.statusText);
}
});
}
应该为 CORS 启用服务配置,例如
Plugins.Add(new CorsFeature(allowedHeaders: "Content-Type, Authorization"));
也许是我以前的answer可以帮助你。
或者更好的是来自 Community Resources 的以下博客文章
关于jquery - ajax jquery跨域调用不发送授权头,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/19570311/