[英]Send a Cookie in a RestAngular request
我有一個Restangular.getAll函數,
當我將其稱為cookie時,API請求中不包含cookie,這與獲得HTML請求的人不同。
如果我強迫:
Restangular.setDefaultHeaders({ Cookie: function() { return "foo " + $cookies.get('foo'); } })
錯誤是:
Refused to set unsafe header "Cookie"
如果我添加到app.config中:
RestangularProvider.setDefaultHttpFields({
withCredentials: true
});
錯誤是:
XMLHttpRequest cannot load [*link*] A wildcard '*' cannot be used in the 'Access-Control-Allow-Origin' header when the credentials flag is true.
Origin [*host*] is therefore not allowed access.
The credentials mode of an XMLHttpRequest is controlled by the withCredentials attribute.
請注意, 主機和鏈接是頁面鏈接和主機鏈接的縮寫。
編輯:我在春季的CORSFilter:
@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
public class CORSFilter implements Filter {
public CORSFilter() {
}
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) res;
HttpServletRequest request = (HttpServletRequest) req;
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with, authorization, content-type");
if ("OPTIONS".equalsIgnoreCase(request.getMethod())) {
response.setStatus(HttpServletResponse.SC_OK);
} else {
chain.doFilter(req, res);
}
}
@Override
public void init(FilterConfig filterConfig) {
}
@Override
public void destroy() {
}
}
您的服務器必須返回Access-Control-Allow-Origin的特定內容:您可以在其中提供webapp主機URL,或動態復制原始信息(出於開發目的)。
注意:其服務器端修復
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.