从 Angular http 拦截器设置响应头
[英]Set response headers from angular http interceptor
问题描述
I am trying to set a new header on every http response so the response includes a content-security-policy using the latest version of angular.
我正在尝试为每个 http 响应设置一个新标头,以便响应包含使用最新版本的 angular 的内容安全策略。 I have created this http interceptor, and when I go to add to the header I don't get any errors or anything, but nothing actually gets added to the response headers.我已经创建了这个 http 拦截器,当我去添加到标头时,我没有收到任何错误或任何东西,但实际上没有任何东西添加到响应标头中。 Here is the code I have for the interceptor.这是我的拦截器代码。 Is there anything that I should change here, or is it not possible to add response headers to every http response from angular.有什么我应该在这里更改的吗,或者不可能从 angular.js 向每个 http 响应添加响应标头?
HttpEvent,
HttpInterceptor,
HttpHandler,
HttpRequest,
HttpResponse,
} from '@angular/common/http';
import { Injectable } from '@angular/core';
import { Observable } from 'rxjs';
import { filter, map, tap } from 'rxjs/operators';
@Injectable()
export class AddHeaderInterceptor implements HttpInterceptor {
intercept(req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
return next.handle(req).pipe(
filter(event => event instanceof HttpResponse),
tap((event: HttpResponse<any>) => {
event.headers.append('content-security-policy', 'some content-security-policy')
})
);
}
}
1 个解决方案
解决方案1
2 已采纳 2021-11-11 15:50:40
You can not alter history: The network tab shows what was sent across the network, and you can not retroactively change that.您无法更改历史记录:网络选项卡显示通过网络发送的内容,您无法追溯更改。
What an HttpInterceptor can do is change its own copy of the received headers before passing it on to the subscriber. HttpInterceptor 可以做的是在将接收到的标头传递给订阅者之前更改它自己的副本。
Also, a content security header is interpreted by the browser before it passes the response to JavaScript.此外,内容安全标头在将响应传递给 JavaScript 之前由浏览器解释。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.