调用API url参数问题
[英]Calling API url parameters issue
问题描述
I have a cms, where am using laravel as web api, angularjs for requests. 
我有一个cms,在那里使用laravel作为web api,angularjs请求。 I have an iframe where I call to services with a direct link and put it usig trusted src function. 我有一个iframe,我用直接链接调用服务,并使用usig可信的src函数。
The main problem is, I can not use a normal http post request and hide parameters, because using http request will return data, not file, and the report api returns in headers, an html file, pdf ... etc) so when i get result to the success of my http request, it won't download pdf file, it will show special chars 主要的问题是,我不能使用正常的http post请求和隐藏参数,因为使用http请求将返回数据,而不是文件,报告api返回标题,html文件,pdf ...等等,所以当我得到结果我的http请求成功,它不会下载pdf文件,它会显示特殊的字符
in the i frame am calling the api like this : "localhost/api/getreportService/"+$scope.brandid+"&"+$scope.customerid" 我在i框架中调用这样的api:“localhost / api / getreportService /”+ $ scope.brandid +“&”+ $ scope.customerid“
but that's cannot be secure, is there any way to hide the request here from users? 但这是不安全的,有没有办法在这里隐藏用户的请求?
1 个解决方案
解决方案1
0 2016-11-30 08:30:15
ok, I found a solution, I called the api via http post request then I used $sce tustAsHtml for the response, with a ng-bind-html in my template and the result is good now, the report is showing in the div, 好吧,我找到了一个解决方案,我通过http post请求调用api然后我使用$ sce tustAsHtml作为响应,在我的模板中使用ng-bind-html,结果现在很好,报告显示在div中,
Now all is safe, the user needs a token to access the report, and that's impossible without a login. 现在一切都很安全,用户需要一个令牌来访问报告,如果没有登录,这是不可能的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.