我们最初在URL中发送的身份验证为
http://root:root@172.19.50.30/mjpg/video.mjpg?resolution=1024x768&compression=70
,效果很好。只要密码不使用特殊字符,就可以使用。但是糟糕的做法和Chrome迫使我以不同的方式去做。
此请求的Wireshark标头:
GET /mjpg/video.mjpg?resolution=1024x768&compression=70 HTTP/1.1
Host: 172.19.50.30
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0
Accept: */*
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://172.19.50.30/local/ipsloitering/index.html?&language=en-US
Connection: keep-alive
Authorization: Digest username="root", realm="AXIS_00408CC561BC", nonce="7kRiObt8BQA=b937e181325fd66b88f1179eb1f5efe649c49e66", uri="/mjpg/video.mjpg?resolution=1024x768&compression=70", algorithm=MD5, response="5f31e9a6fe08992737bacd47bf4131a5", qop=auth, nc=00000001, cnonce="33c8306da3831b3a"
为了允许其他字符并使用chrome,我使用了以下JS代码:
fetch(url,
{
method:'GET',
headers: {
'Authorization': 'Basic ' + btoa("root:root")
},
}
)
响应是
GET /mjpg/video.mjpg?resolution=1920x1080&compression=70 HTTP/1.1
Host: 172.19.50.30
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0
Accept: */*
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://172.19.50.30/local/ipsloitering/index.html?&language=en-US
authorization: Basic cm9vdDpyb290
origin: http://172.19.50.30
Connection: keep-alive
HTTP/1.1 401 Unauthorized
Date: Tue, 11 Dec 2018 08:54:07 GMT
Server: Apache/2.4.27 (Unix) OpenSSL/1.0.2k
WWW-Authenticate: Digest realm="AXIS_00408CC561BC", nonce="LqVkObt8BQA=f5ede433bcdc7b2d1a7b12c0763156e9d45b8972", algorithm=MD5, qop="auth"
Content-Length: 381
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
如何获取fetch()以使用Digest,或者是什么原因引起的?