javascript 有没有办法删除由 setRequestHeader() 设置的 Ajax 标头?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/18491368/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Is there any way to remove Ajax headers set by setRequestHeader()?
提问by Brandon Kelly
I'm writing a JS script that lives within a system which is now adding a custom XID header to all Ajax requests via jqXHR.setRequestHeader() in a function registered with jQuery.ajaxPrefilter().
我正在编写一个存在于系统中的 JS 脚本,该系统现在通过 jqXHR.setRequestHeader() 在使用 jQuery.ajaxPrefilter() 注册的函数中向所有 Ajax 请求添加自定义 XID 标头。
In my script, I need to make an Ajax request to a third party site, whose Access-Control-Allow-Headers is not set up to allow this custom XID header.
在我的脚本中,我需要向第三方站点发出 Ajax 请求,该站点的 Access-Control-Allow-Headers 未设置为允许此自定义 XID 标头。
It seems I have 3 options:
看来我有3个选择:
- Find a way to remove that XID header in $.ajax()'s beforeSend function, which I have confirmed gets called after the ajaxPrefilter() function.
- Forgo using $.ajax() entirely and just write the Ajax stuff myself.
- Have $.ajax() point to the system's backend which does accept the custom XID header, and perform the request to the third party site via cURL.
- 找到一种方法来删除 $.ajax() 的 beforeSend 函数中的 XID 标头,我已经确认它在 ajaxPrefilter() 函数之后被调用。
- 完全放弃使用 $.ajax() 并自己编写 Ajax 内容。
- 让 $.ajax() 指向接受自定义 XID 标头的系统后端,并通过 cURL 执行对第三方站点的请求。
Option #1 is preferred, if there's a simple way to do it, since it will be the cleanest and fastest route. Just can't figure out how.
如果有一种简单的方法可以做到,则首选选项 #1,因为它将是最干净和最快的路线。就是想不通怎么办。
I have tried overriding it like this, but it didn't work:
我试过像这样覆盖它,但它没有用:
beforeSend: function(jqXHR, settings) {
jqXHR.setRequestHeader('custom-xid-header', null);
}
Any ideas?
有任何想法吗?
回答by randomsock
I realize this is an old thread, but it's still a problem! Hope the following will help resolve it for someone else as it has for us.
我意识到这是一个旧线程,但它仍然是一个问题!希望以下内容可以帮助其他人解决它,就像我们一样。
Setting a header to null/undefined/""after it's been set does notremove it, it sends the header still but with either no value or "undefined" or "null". This is probably never what you want, and in our case, totally screws SSO when it's the Authorization header.
设置一个头null/ undefined/""它已经不集后不删除它,它发出的头还在,但与不用值或“不确定”或“空”。这可能永远不是您想要的,在我们的例子中,当它是 Authorization 标头时,完全搞砸了 SSO。
The solution we came up with relies on a mix of @marlar's suggestion (thanks) and another deficiency of jQuery: You can only have ONE beforeSend()hook, and any new hook replacesthe previous one. It seems that this is also true if you supply a beforeSend()in a specific $.ajax()request - it will override any default one in $.ajaxSetup(). By doing so, you prevent the default hook from setting the header. (It's not 100% ideal because there may be other things done in the default beforeSend()that will then not happen, but hey).
我们提出的解决方案依赖于@marlar 的建议(谢谢)和 jQuery 的另一个缺陷的混合:你只能有一个beforeSend()钩子,任何新的钩子都会取代以前的钩子。如果您beforeSend()在特定$.ajax()请求中提供 a 似乎也是如此- 它会覆盖$.ajaxSetup(). 通过这样做,您可以防止默认挂钩设置标头。(这不是 100% 理想的,因为可能在默认情况下完成的其他事情beforeSend()不会发生,但是嘿)。
So this copes with both static and dynamically set headers for a specific request:
因此,这可以处理特定请求的静态和动态设置的标头:
if($.ajaxSettings && $.ajaxSettings.headers) {
delete $.ajaxSettings.headers.Authorization;
}
$.ajax({
beforeSend: function() {}, // no op
// ...
});
You can't do the same for prefilter(), but I think beforeSend()is the far more common way of doing this anyway.
你不能对 做同样的事情prefilter(),但我认为beforeSend()无论如何都是更常见的方法。
回答by Gerald Chen
$.ajaxSetup({
beforeSend: function(jqXHR, settings) {
jqXHR.setRequestHeader('custom-xid-header', null);
}
})
回答by ewwink
We can't delete header using beforeSend()because the data already passed to XMLHttpRequestwe can only modify the headers.
我们不能删除头使用,beforeSend()因为已经传递给XMLHttpRequest我们的数据只能修改头。
But today, 2019 you can delete unwanted (non-standard) headers using jQuery.ajaxPrefilter().
但是今天,2019 年您可以使用jQuery.ajaxPrefilter().
$.ajaxPrefilter(function(options, originalOptions, jqXHR) {
delete options.headers['custom-xid-header'];
});
$.ajax({
url: '//httpbin.org/get',
headers: {
'custom-xid-header': 'remove me',
"Accept": "what/ever"
},
datatype: 'json',
success: function(data) {
console.log(data.headers);
}
});<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<!--script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script-->回答by Doctor
Overiding doesn't seem's to work but there is a simple fix.
覆盖似乎不起作用,但有一个简单的修复方法。
$.ajaxSetup({
beforeSend: function (jqXHR) {
if (sendToken == true)
jqXHR.setRequestHeader("Authorization", cookie);
return true;
}
});
Check the sendTokenvariable. It's global. At the start of my app I always set it at true because I need the header set pretty much everywhere.
检查sendToken变量。它是全球性的。在我的应用程序开始时,我总是将其设置为 true,因为我几乎需要在任何地方设置标头。
But when I don't want to send the "Authorization" header I just pass the global sendTokento falsebefore any request can go. When all requests are done I just simply set it to trueagain...
但是当我不想发送“授权”标头时,我只是在任何请求可以发出之前将全局sendToken传递给false。完成所有请求后,我只需将其再次设置为true...
The trick is that the jqXHR variable is local and wont keep the assigned value each time. And overiding a current value set in the ajaxSetup doesn't work because it always adds the new value instead of just replacing it. Having a condition on the top of it is I think the most simple and efficient way.
诀窍是 jqXHR 变量是本地的,不会每次都保留分配的值。并且覆盖 ajaxSetup 中设置的当前值不起作用,因为它总是添加新值而不是仅仅替换它。把条件放在上面是我认为最简单有效的方法。
It worked for me.
它对我有用。
回答by marlar
This will remove a header set with $.ajaxSetup(). I guess it will work with beforeSend() as well.
这将删除使用 $.ajaxSetup() 设置的标头。我想它也适用于 beforeSend() 。
delete $.ajaxSettings.headers["custom-xid-header"]
