Javascript 如何设置源请求头
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/46808011/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to set the Origin Request Header
提问by Rakesh
I want to send an AJAX request to a remote API.
我想向远程 API 发送 AJAX 请求。
function Gettest(CourseID) {
var param = { "CourseID": CourseID};
param = JSON.stringify(param);
$.ajax({
type: "Post",
url: apiurl + "Course/DelCoursetargetedaudience",
contentType: "application/json; charset=utf-8",
data: param,
dataType: "json",
success: function (data) {
},
error: function (response) {
}
});
};
But I need to change the origin name, before sending the request.
但是我需要在发送请求之前更改源名称。
Please refer to the image below.
请参考下图。
回答by Baksteen
In short: you cannot.
简而言之:你不能。
As described on MDN; Origin is a 'forbidden' header, meaning that you cannot change it programatically.
如MDN 所述;Origin 是一个“禁止的”标头,这意味着您不能以编程方式更改它。
You would need to configure the web server to allow CORS requests.
您需要配置 Web 服务器以允许 CORS 请求。
To enable CORS, add this to your Web.config
要启用 CORS,请将其添加到您的 Web.config
<system.webServer>
<!-- Other stuff is usually located here as well... -->
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
</customHeaders>
</httpProtocol>
<system.webServer>
Alternatively, in Global.asax.cs
或者,在 Global.asax.cs 中
public class WebApiApplication : System.Web.HttpApplication
{
protected void Application_Start()
{
/* Some register config stuff is already located here */
}
// Add this method:
protected void Application_BeginRequest()
{
HttpContext.Current.Response.AddHeader
(name: "Access-Control-Allow-Origin", value: "*");
}
}
回答by user2154065
Just as Baksteen stated, you cannot change this header value in JavaScript. You would have to edit your server configuration to allow cross origin requests.
正如 Baksteen 所说,您不能在 JavaScript 中更改此标头值。您必须编辑服务器配置以允许跨源请求。
But:After reading your comments, I think you need a solution for debugging and testing only.
但是:阅读您的评论后,我认为您只需要一个用于调试和测试的解决方案。
In that case, you can use Chrome and start it with special unsafe parameters. If you provide this parameters to Chrome, it will allow you cross domain requests.
在这种情况下,您可以使用 Chrome 并使用特殊的不安全参数启动它。如果您向 Chrome 提供此参数,它将允许您跨域请求。
Do not use this chrome instance for other things than testing your page!
请勿将此 chrome 实例用于测试页面以外的其他用途!
chrome --disable-web-security --user-data-dir
I tried several Add-ons for Firefox and Chrome, but they did not work with recent versions of the browsers. So I recommend to switch to chrome and use the parameters above to test your API calls.
我为 Firefox 和 Chrome 尝试了几个附加组件,但它们不适用于最新版本的浏览器。所以我建议切换到 chrome 并使用上面的参数来测试你的 API 调用。
If you are interested in a more powerful solution, you may want to use a Debugging Proxy, like Fiddler from Telerik. You may write a custom rule, so Fiddler changes your headers before the request leaves your PC. But you have to dig into the tool, before you can use all its powers. This may be interesting, because it may help you out on more than just this debugging issue.
如果您对更强大的解决方案感兴趣,您可能需要使用调试代理,例如Telerik 的 Fiddler。您可以编写自定义规则,以便 Fiddler 在请求离开您的 PC 之前更改您的标头。但是您必须深入研究该工具,然后才能使用其所有功能。这可能很有趣,因为它可以帮助您解决的不仅仅是这个调试问题。
