[英]Angular how not to send OPTION when sending auth token in HTTP Request
Having an issue with CORS, trying to do a GET
request with Authorization
token but having an issue with OPTIONS. CORS遇到问题,尝试使用
Authorization
令牌执行GET
请求,但OPTIONS遇到问题。 Wondering how to not send OPTIONS when requesting GET
to another server? 想知道如何在向另一台服务器请求
GET
时不发送OPTIONS吗?
$http({
url: request_data.url,
type: request_data.method,
withCredentials: true,
headers: {
'Authorization': localStorage.getItem('Auth'),
'Content-Type': 'application/json; charset=utf-8'
},
crossDomain: true
}).then(function(response) {
//process your data here
vm.prodData = response.data;
console.log(response.data);
});
I can't send a request because the CORS issue, probably due to the header Authorization
part. 由于CORS问题,可能是由于标头
Authorization
部分,因此我无法发送请求。
You can't. 你不能
Authorization
headers are not "safe", so you can't include them in a cross origin request without permission. Authorization
标头不是“安全的”,因此,未经允许,您不能将它们包含在跨源请求中。
The preflight OPTIONS request is there to ask for permission. 印前飞行OPTIONS请求在那里请求许可。
You are doing something unusual that is a potential risk, so you have to change the server you are making the request to so it will tell the browser that it is OK to make the request. 您所做的异常操作有潜在风险,因此您必须将要发送请求的服务器更改为可以通知浏览器可以发送请求的服务器。
Is far as i know when youre trying a CORS request it will always send an OPTIONS request first to check if youre allowed to make requests, you have to deal with that on server side, for instance in php i do the following: 据我所知,当您尝试CORS请求时,它将始终首先发送一个OPTIONS请求,以检查您是否允许发出请求,您必须在服务器端进行处理,例如在php中,我会执行以下操作:
if($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
header( "HTTP/1.1 200 OK" );
exit();
}
that way if the client send an OPTIONS request it will automaticly send an 200 OK response and then it will wait for the correct request (GET, POST, etc) 这样,如果客户端发送一个OPTIONS请求,它将自动发送200 OK响应,然后它将等待正确的请求(GET,POST等)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.