The issue was not setting the dataTypeto JSONP. As this was not done the browser interpreted the call as a standard AJAX request which meant it was being blocked under same-origin-policy.

这个问题是不设置dataType到JSONP。由于没有这样做，浏览器将调用解释为标准的 AJAX 请求，这意味着它在同源策略下被阻止。

Working code for reference (credit goes to @pdeschen for suggesting Crpyto):

工作代码供参考（感谢@pdeschen 建议使用 Crpyto）：

<script type='text/javascript'>
// define vars
var username = '';
var password = '';
var url = '';

// ajax call
$.ajax({
    url: url,
    dataType : 'jsonp',
    beforeSend : function(xhr) {
      // generate base 64 string from username + password
      var bytes = Crypto.charenc.Binary.stringToBytes(username + ":" + password);
      var base64 = Crypto.util.bytesToBase64(bytes);
      // set header
      xhr.setRequestHeader("Authorization", "Basic " + base64);
    },
    error : function() {
      // error handler
    },
    success: function(data) {
        // success handler
    }
});
</script> 

This finallyseems to work for me. There could be collisions on an individual call basis. Sets this method as a default for future connection options.

这最终似乎对我有用。在单个调用的基础上可能会发生冲突。将此方法设置为未来连接选项的默认值。

//Function( jqXHR jqXHR )
$.ajaxSetup( {beforeSend: function(jqXHR) {
    jqXHR.setRequestHeader( "My-Header", "My-Value" );
} } );