使用 jquery 和 ajax 发送授权标头
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/10113911/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Sending authorization headers with jquery and ajax
提问by bretterer
I have looked at the following questions here on stackoverflow with no luck in what im trying to do.
我在stackoverflow上查看了以下问题,但在我尝试做的事情上没有运气。
Ajax Authorization Request headers fails again and again
jQuery Ajax Unauthorized 401 Error
Sending credentials with cross-domain posts?
Here is my code that I currently have:
这是我目前拥有的代码:
$(document).ready(function() {
$.ajax({
url: 'http://sample.domain.com/script.php?name1=value1&jsonp=?',
type: 'GET',
dataType: 'json',
contentType: "application/json",
beforeSend: function(xhr) {
xhr.setRequestHeader("Authentication", "Basic ZnJvbWFwcGx********uOnRoM24zcmQ1UmgzcjM=") //Some characters have been replaced for security but this is a true BASE64 of "username:password"
},
success: function(data){
alert(data);
}
});
});
</script>
The subdomain I have is password protected by an .htpasswd file. The login of the site works just fine for me using the username/password combo used in the base64 encode.
我拥有的子域受 .htpasswd 文件的密码保护。使用 base64 编码中使用的用户名/密码组合,该站点的登录对我来说工作得很好。
Im running this script on a different domain than the one that the url is on which is why i have the jsonp=? in the url
我在与 url 所在的域不同的域上运行此脚本,这就是为什么我有 jsonp=? 在网址中
The response im getting from the console in the browser is:
GET http://sample.domain.com/script.php?name1=value1&jsonp=jsonp1334177732136 401 (Authorization Required)
我从浏览器控制台得到的响应是:
GET http://sample.domain.com/script.php?name1=value1&jsonp=jsonp1334177732136 401 (Authorization Required)
采纳答案by j_mcnally
JSONP uses a script tag proxy. It wouldn't support custom headers. Are you in control of the endpoint? If so look into enabling CORS, or pass the authentication key in the GET string.
JSONP 使用脚本标记代理。它不支持自定义标头。你在控制端点吗?如果是这样,请查看启用 CORS,或在 GET 字符串中传递身份验证密钥。
When using jsonp JQuery converts your URL "ajax" request to:
使用 jsonp 时,JQuery 会将您的 URL“ajax”请求转换为:
<script src="[endpoint]"></script>
it then writes a random function
然后它写一个随机函数
var json9409d0sf0d9s0df90 = function() {
//some callback logic here.
}
and appends ?callback=json9409d0sf0d9s0df90
并附加 ?callback=json9409d0sf0d9s0df90
your server then says
你的服务器然后说
echo $_GET['callback] . "(" . $json . ")";
and sends that back as the response so
并将其作为响应发送回来
json9409d0sf0d9s0df90({some: data});
is exexcuted by the browser and handled by jQuery's magical handlers that make it respond like a normal ajax callback.
由浏览器执行并由 jQuery 的神奇处理程序处理,使其像普通的 ajax 回调一样响应。
AFAIK, <script src=""></script>asset loads wont take custom headers by any standard browser.
AFAIK,<script src=""></script>资产加载不会采用任何标准浏览器的自定义标头。
回答by user2690667
The header name is Authorization, and you are sending "Authentication"
标题名称是Authorization,并且您正在发送“ Authentication”
e.g.
例如
Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtBmU=
授权:基本 QWxhZGRpbjpvcGVuIHNlc2FtBmU=
