设置标头时，Jquery Ajax调用时出现CORS错误

Question

以下代码运行正常：

$.ajax({
  type: 'POST',
  url: baseUrl+"/users",                                                 
  data: data,
});

但是，如果我添加一个授权标题：

$.ajax({
  type: 'POST',
  url: baseUrl+"/users",
  data: data,                                            
  headers: {
    Authorization: clientAuth,                                           
  },
});

然后我收到以下错误：

XMLHttpRequest cannot load http://0.0.0.0:8080/users. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://0.0.0.0:9000' is therefore not allowed access.（这是chrome，但我在firefox中遇到了类似的错误）。

奇怪的是我的服务器配置为处理CORS，Access-Control-Allow-Origin已设置！查看OPTIONS请求/响应：

如果它有帮助，这里是两个请求的CURL：

选项：

curl 'http://0.0.0.0:8080/users' -X OPTIONS -H 'Access-Control-Request-Method: POST' -H 'Origin: http://0.0.0.0:9000' -H 'Accept-Encoding: gzip,deflate,sdch' -H 'Accept-Language: en-US,en;q=0.8' -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/34.0.1847.116 Chrome/34.0.1847.116 Safari/537.36' -H 'Accept: */*' -H 'Referer: http://0.0.0.0:9000/' -H 'Connection: keep-alive' -H 'Access-Control-Request-Headers: accept, authorization, content-type' --compressed

后：

curl 'http://0.0.0.0:8080/users' -H 'Accept: */*' -H 'Referer: http://0.0.0.0:9000/' -H 'Origin: http://0.0.0.0:9000' -H 'Authorization: YXBwRnJldGlzdGE6cGFzc3dvcmQ=' -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/34.0.1847.116 Chrome/34.0.1847.116 Safari/537.36' -H 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' --data 'grant_type=bearer&username=vitor%40freta.la&password=123456' --compressed

为什么我收到此错误？我甚至无法判断问题是客户端还是服务器端，因为我发送了CORS请求所需的所有头文件！ 任何帮助将不胜感激！谢谢！

Answer 1

尝试在clientAtuh：

之前添加基本

'Authorization: YXBwRnJldGlzdGE6cGFzc3dvcmQ='

变为：

'Authorization: Basic YXBwRnJldGlzdGE6cGFzc3dvcmQ='