我尝试从我的API获取POST数据,但我无法通过基本身份验证…
我试试:
$.ajax({
type: 'POST',url: http://theappurl.com/api/v1/method/,data: {},crossDomain: true,beforeSend: function(xhr) {
xhr.setRequestHeader('Authorization','Basic ZWx1c3VhcmlvOnlsYWNsYXZl');
}
});
我的服务器配置响应是:
response["Access-Control-Allow-Origin"] = "*" response["Access-Control-Allow-Methods"] = "POST" response["Access-Control-Max-Age"] = "1000" response["Access-Control-Allow-Headers"] = "*"
我得到的标题是:
请求标头
OPTIONS /api/v1/token-auth/ HTTP/1.1 Host: theappurl.com Connection: keep-alive Access-Control-Request-Method: POST Origin: http://127.0.0.1:8080 User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML,like Gecko) Chrome/26.0.1410.63 Safari/537.31 Access-Control-Request-Headers: origin,authorization,content-type Accept: */* Referer: http://127.0.0.1:8080/ Accept-Encoding: gzip,deflate,sdch Accept-Language: es,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
响应头
HTTP/1.1 401 Unauthorized Server: Nginx/1.1.19 Date: Fri,16 Aug 2013 01:29:21 GMT Content-Type: text/html Content-Length: 597 Connection: keep-alive WWW-Authenticate: Basic realm="Restricted"
我猜是什么服务器配置是好的,因为我可以从Advanced REST Client(Chrome扩展)访问API,
有什么建议么?
PD:
我从高级REST客户端获得的标题是:
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML,like Gecko) Chrome/26.0.1410.63 Safari/537.31
Origin: chrome-extension://hgmloofddffdnphfgcellkdfbfbjeloo
Authorization: Basic ZWx1c3VhcmlvOnlsYWNsYXZl
Content-Type: application/x-www-form-urlencoded
Accept: */*
Accept-Encoding: gzip,sdch
Accept-Language: es,en;q=0.8
Accept-Charset: ISO-8859-1,*;q=0.3
和
Server: Nginx/1.1.19 Date: Fri,16 Aug 2013 01:07:18 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept,Cookie Allow: POST,OPTIONS X-Robots-Tag: noindex
发送OPTION方法
解决方法
您可以将用户和密码作为URL的一部分:
http://user:passwd@www.server.com/index.html
请参阅此URL,了解更多
HTTP Basic Authentication credentials passed in URL and encryption
当然,你需要用户名密码,它不是’基本hashstring。
希望这可以帮助…
