[英]Why I get Internet Explorer enhanced security error message in Chrome if I call VSO API from Angularjs SPA?
I have a SPA implemented in Angularjs - Typescript calling VSO API and providing authentication data you can find below:我有一个在 Angularjs 中实现的 SPA - Typescript 调用 VSO API 并提供您可以在下面找到的身份验证数据:
((): void => {
"use strict";
angular
.module("app")
.config(config);
config.$inject = [
"$httpProvider"
];
function config(
$httpProvider: ng.IHttpProvider
) {
$httpProvider.defaults.headers.common['Authorization'] = "Bearer username:password";
}
});
I see the Network tab of the browser that this call will be redirected to here:我看到浏览器的网络选项卡,这个调用将被重定向到这里:
https://app.vssps.visualstudio.com/_signin?realm=dldxdm.visualstudio.com&reply_to...
And a following request.并提出以下要求。
The console does not show any authentication error, but there is no result of my request (GET) but it should be!控制台没有显示任何身份验证错误,但我的请求(GET)没有结果,但应该是! Instead of the result I get the message you can see in the screenshot.
我得到的不是结果,而是您可以在屏幕截图中看到的消息。 It is Microsoft Internet Explorer's Enhanced Security Configuration is currently enabled on your environment.
它是当前在您的环境中启用了 Microsoft Internet Explorer 的增强安全配置。 This enhanced level of security prevents our web integration experiences from displaying or performing correctly.
这种增强的安全级别会阻止我们的 Web 集成体验正确显示或执行。 To continue with your operation please disable this configuration or contact your administrator.
要继续您的操作,请禁用此配置或联系您的管理员。 But the query executed in Chrome.
但是在 Chrome 中执行的查询。 Why an IE error message is here?
为什么会出现 IE 错误消息?
In the browser I logged in to VSO to the project, and if I copy the url and paste into another tab and execute it I'll get the proper result I'm looking for.在浏览器中,我登录到项目的 VSO,如果我复制 url 并粘贴到另一个选项卡中并执行它,我将获得我正在寻找的正确结果。
Questions :问题:
I googled for the IE error message but there is no answer.我用谷歌搜索 IE 错误消息,但没有答案。 The how to disable the enhanced security of IE I have found Windows Server answers.
如何禁用 IE 的增强安全性我找到了 Windows Server 的答案。 I don't think they are related to my issue.
我不认为它们与我的问题有关。
Update :更新:
Ok, I have an article about what is happening.好的,我有一篇关于正在发生的事情的文章。 Next step, implementation.
下一步,实施。
I found that this happened to me when my PAT was wrong due to a copy and paste error.我发现当我的 PAT 由于复制和粘贴错误而出错时,这发生在我身上。
Looks like you are probably failing authentication because you didn't base64 encode the bearer token.看起来您可能未通过身份验证,因为您没有对不记名令牌进行 base64 编码。
I had this same issue.我有同样的问题。 I verified this in postman as follows...
我在邮递员中验证了这一点,如下所示......
I didn't have to base64 encode my PAT.我不必对我的 PAT 进行 base64 编码。 I found that I just needed to double check that my PAT had the right access.
我发现我只需要仔细检查我的 PAT 是否具有正确的访问权限。 I passed the data as Basic Auth.
我将数据作为基本身份验证传递。 Username: "whatever the hell you want" Password: PAT
用户名:“随便你” 密码:PAT
Response: 200 👍回应:200 👍
Prefix your Personal Access Token(PAT) with :(colon).在您的个人访问令牌 (PAT) 前加上:(冒号)。 then Base 64 encode it.
然后 Base 64 对其进行编码。
Eg:例如:
If "myaccesstoken" is my PAT,如果“myaccesstoken”是我的 PAT,
Apply base 64 encoder to ":myaccesstoken"
将 base 64 编码器应用于“:myaccesstoken”
In the Authorization header, place your base encoded string as,在 Authorization 标头中,将您的基本编码字符串放置为,
Authorization : Basic MyColonPrefixedBase64String
授权:基本 MyColonPrefixedBase64String
If somebody else comes on this page after getting same error in Azure devops classic pipeline ( like I did ) then they may need to select radio button titled " Allow scripts to access the OAuth token ".如果其他人在 Azure devops 经典管道中遇到相同的错误(就像我所做的那样)后出现在此页面上,那么他们可能需要选择标题为“允许脚本访问 OAuth 令牌”的单选按钮。 This option is available here "Stage >> Agent Job >> Additional Options".
此选项在“阶段 >> 代理工作 >> 其他选项”中可用。 For more clarity, you may wan to refer this blog post .
为了更清楚,您可以参考这篇博文。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.