javascript 从 HTTP-Request 标头获取授权
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/24991151/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Get Authorization from HTTP-Request header
提问by manti
I already searched within SO for some threads about this, but could only find some which explained what this header is for or how to get the authorization header in c# but I don't want to read it from server side but from client side.
我已经在 SO 中搜索了一些关于此的线程,但只能找到一些解释此标头的用途或如何在 c# 中获取授权标头的内容,但我不想从服务器端读取它,而是从客户端读取它。
Is there any way to get the Base64 encoded header "Authorization" from the browser? I want to implement a tool where you can log in and if you click on a spezific button your username will be saved.
有没有办法从浏览器中获取 Base64 编码的标头“授权”?我想实现一个工具,您可以在其中登录,如果您单击特定按钮,您的用户名将被保存。
My problem is that the browser does the authorization automatically, and with jQuery and JavaScript methods you can only set the requestheaders and get the responseheaders. I couldn't find a method to get the requestheaders.
我的问题是浏览器会自动进行授权,而使用 jQuery 和 JavaScript 方法,您只能设置请求标头并获取响应标头。我找不到获取请求标头的方法。
The library gethttpcould get some headers, but not the authorization header. My guess is that this header is hidden.
库gethttp可以获得一些标头,但不能获得授权标头。我的猜测是这个标题是隐藏的。
I'm doing a login via SVN and the browser does the authorization the moment you enter the website.
我正在通过 SVN 登录,浏览器在您进入网站时进行授权。
Only the username is enough. I'm searching for solutions where the user doesn't have to input their username.
只有用户名就足够了。我正在寻找用户不必输入用户名的解决方案。
回答by John Doeff
I'm assuming you're trying to use the Basic Realm authorisation mechanism
This had already been replied on Stackoverflow and involves the $.ajax()jquery object.
How to use Basic Auth with jQuery and AJAX?
So please don't upvote me on this
我假设您正在尝试使用 Basic Realm 授权机制 这已经在 Stackoverflow 上得到回复并且涉及到$.ajax()jquery 对象。
如何在 jQuery 和 AJAX 中使用基本身份验证?
所以请不要在这个问题上给我点赞
$.ajaxSetup({
headers: {
'Authorization': "Basic XXXXX"
},
data: '{ "comment" }',
success: function (){
alert('Thanks for your comment!');
}
});
where XXXXX is your username:password base64 encoded
其中 XXXXX 是您的用户名:密码 base64 编码
回答by Jens Kooij
It's not possible to get the headers for the request of the CURRENT page. This has been asked several times on SO.
无法获取当前页面请求的标头。这已在 SO 上多次询问。
However, you can make a new request and retrieve the headers of that request. That way you are able to get the Basic Auth headers, base64 decode that string and then you have the username (and also the password).
但是,您可以发出新请求并检索该请求的标头。这样你就可以得到 Basic Auth 标头,base64 解码那个字符串,然后你就有了用户名(还有密码)。
Decoding base64 in javascript can be done using the following function as presented in this answerby @broc.seib.
在 javascript 中解码 base64 可以使用以下函数来完成,如@broc.seib在这个答案中提供的那样。
decodeBase64 = function(s) {
var e={},i,b=0,c,x,l=0,a,r='',w=String.fromCharCode,L=s.length;
var A="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
for(i=0;i<64;i++){e[A.charAt(i)]=i;}
for(x=0;x<L;x++){
c=e[s.charAt(x)];b=(b<<6)+c;l+=6;
while(l>=8){((a=(b>>>(l-=8))&0xff)||(x<(L-2)))&&(r+=w(a));}
}
return r;
};
回答by Barlas Apaydin
You can use native fetchAPI:
您可以使用本机fetchAPI:
fetch("http://localhost:8888/validate",{
method:"GET",
headers: {"Authorization": "Bearer xxxxx"}
})
.then(res => res.json())
.then(
(result) => {
// do something
},
// Note: it's important to handle errors here
// instead of a catch() block so that we don't swallow
// exceptions from actual bugs in components.
(error) => {
// handle error
}
)
