Ember-data nested-url适配器不会在请求标头中显示请求有效负载

时间:2014-04-24 11:08:45

标签: javascript authentication ember.js authorization ember-data

Ember-data不支持模型中的嵌套API网址。为此,我们需要编写自己的自定义适配器。我添加了nested_url_adapter。 我现在遇到的问题::

  1. 在对api“http://api.server/resource/resourceId/childResource”发出POST请求时, 请求标头上的请求有效负载不存在。

    2. 2.我使用余烬-简单-AUTH LIB的认证和授权,̶一边做POST请求,̶请求报头中没有授权̶h̶e̶a̶d̶e̶r̶.̶

    我已经实现了相同的nested_url适配器,根据我的api服务器对type.typeKey进行了少量修改。

    以下是我在我的应用程序中的文件要点: Gist

    XHR请求标签:: 

    Remote Address: 127.0.1.1: 80
Request URL: http: //api.server/events/9/tickets
Request Method: OPTIONS
Status Code: 200 OK
Request Headersview parsed
OPTIONS / events / 9 / tickets HTTP / 1.1
Host: api.server
Connection: keep - alive
Access - Control - Request - Method: POST
Origin: http: //0.0.0.0:4300
User - Agent: Mozilla / 5.0(X11; Linux x86_64) AppleWebKit / 537.36(KHTML, like Gecko) Chrome / 36.0.1941.0 Safari / 537.36
Access - Control - Request - Headers: accept,
client_id
Accept: *
/*
Referer: http://0.0.0.0:4300/event/9/manage/tickets
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Response Headersview parsed
HTTP/1.1 200 OK
Date: Thu, 24 Apr 2014 11:51:07 GMT
Server: Apache/2.4.9 (Ubuntu)
X-Powered-By: PHP/5.5.11-2+deb.sury.org~precise+2
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Authorization, Content-Type, client_id, client_secret
Access-Control-Max-Age: 0
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html*/

    POST请求:: 

    Remote Address: 127.0.1.1: 80
Request URL: http: //api.server/events/9/tickets
Request Method: POST
Status Code: 201 Created
Request Headersview source
Accept: application / json,
text / javascript,
*
/*; q=0.01
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
client_id:[object Object]
Connection:keep-alive
Content-Length:0
Host:api.server
Origin:http://0.0.0.0:4300
Referer:http://0.0.0.0:4300/event/9/manage/tickets
User-Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1941.0 Safari/537.36
Response Headersview source
Access-Control-Allow-Origin:*
Access-Control-Expose-Headers:
Connection:Keep-Alive
Content-Length:242
Content-Type:application/hal+json
Date:Thu, 24 Apr 2014 11:51:07 GMT
Keep-Alive:timeout=5, max=99
Location:http://api.server/events/9/tickets/24
Server:Apache/2.4.9 (Ubuntu)
X-Powered-By:PHP/5.5.11-2+deb.sury.org~precise+2*/

    根据marcoowcomment,第二个问题已经解决。还是第一个问题就在那里。

1 个答案:

答案 0 :(得分:0)

当您使用带有跨源请求的Ember.SimpleAuth时,您必须明确地将这些来源列入白名单,以便通过Ember.SimpleAuth添加授权标头(这是一个安全功能,以确保您的令牌没有&# 39; t在互联网上发布) - 见这里:http://ember-simple-auth.simplabs.com/ember-simple-auth-api-docs.html#Ember-SimpleAuth-setup

相关问题
最新问题