AngularJS在$ http.get中删除`x-csrf-token`
[英]AngularJS remove `x-csrf-token` in $http.get
问题描述
I'd like to make a call to a 3rd party API using $http . 
我想使用$http调用第三方API。 However, it's including a x-csrf-token in the request which I believe is throwing off the request. 但是,它在请求中包含一个x-csrf-token ,我相信这会抛弃该请求。
var req = {
method: 'GET',
url: url,
headers: {
'Authorization': 'Token <token>'
}
}
return $http(req)
However, I'm getting the following error: 但是,出现以下错误:
Failed to load
URL: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.URL:对预检请求的响应未通过访问控制检查:所请求的资源上不存在“ Access-Control-Allow-Origin”标头。 Origin ' http://localhost:5000 ' is therefore not allowed access.
When I look at the request, it's being sent as OPTIONS . 当我查看请求时,它以OPTIONS的形式发送。 Is the issue that I'm sending the x-csrf-token in the header and I need to remove it? 我在标题中发送x-csrf-token并需要将其删除的问题吗? Or am I missing something else? 还是我想念其他东西? How can I successfully make this GET request? 我如何成功发出此GET请求?
1 个解决方案
解决方案1
0 2018-09-25 21:12:35
Your request seems to be correct. 您的要求似乎正确。 However, it appears that the API you try to call doesn't accept Cross Origin Resource Sharing. 但是,您尝试调用的API似乎不接受跨源资源共享。
This is not an AngularJS issue, but a server one. 这不是AngularJS问题,而是服务器问题。
If the API is yours, add a CORS policy. 如果您使用的是API,请添加CORS策略。
If the API is something like Google, Spotify or whatever, don't forget to register your URL as accepted domain. 如果API是Google,Spotify之类的东西,请不要忘记将URL注册为接受域。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.