我有很多网络服务都可以使用。通常情况下,当我在提琴手中检查一个电话时,我会看到类似下面的内容;
POST /api/dosomeaction.php HTTP/1.1
Accept: application/json
Authorization: Basic BlahBlahBlah
Content-Type: application/json; charset=utf-8
Host: myhost.co.uk
Content-Length: 140
Expect: 100-continue
Connection: Keep-Alive
但是当我通过html / ajax尝试相同时,我会获得不同格式的标题。尽管使用相同的身份验证un / pwd。
Javascript是;
var hash = encodeBase64("username:password");
var request = new XMLHttpRequest();
var params = "ExtraData" + ":" + "foo";
request.open("POST", "http://www.myhost.co.uk/dosomeaction.php", false);
request.setRequestHeader("Content-type", "application/json");
request.setRequestHeader("Authorization", "Basic " + hash);
request.send(params);
我回来了
OPTIONS /dosomeaction.php HTTP/1.1
Accept: */*
Origin: http://localhost:2024
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: www.myhost.co.uk
Content-Length: 0
DNT: 1
Connection: Keep-Alive
Pragma: no-cache
当我在Fiddler中检查调用时,Auth选项卡显示没有授权数据,并且json / text也为空。然而,当网络服务器返回302并将我引导到登录页面时,正在进行呼叫。
所以我最初的问题是为什么没有发送授权标题和其他数据?