英文:
Get request failed with custom header
问题
这是我的AngularJS代码(如果我删除header选项,它可以正常工作)。
$http.get(env.apiURL()+'/banks', {headers: {'Authorization': 'Bearer '+localStorageService.get('access_token')}})
这是请求:
OPTIONS /banks HTTP/1.1Host: localhost:8080Connection: keep-aliveAccess-Control-Request-Method: GETOrigin: http://localhost:8081User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.146 Safari/537.36Access-Control-Request-Headers: accept, authorizationAccept: */*Referer: http://localhost:8081/Accept-Encoding: gzip,deflate,sdchAccept-Language: en-US,en;q=0.8,vi;q=0.6
以及响应:
HTTP/1.1 404 Not FoundAccess-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, AuthorizationAccess-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETEAccess-Control-Allow-Origin: http://localhost:8081Content-Type: text/plain; charset=utf-8Date: Mon, 17 Mar 2014 11:05:20 GMTContent-Length: 19
我添加了Accept和Authorization头,但请求仍然失败了。是大小写问题(即authorization与Authorization)导致了失败吗?如果是的话,我该如何让AngularJS停止这样做?
if origin := req.Header.Get("Origin"); origin == "http://localhost:8081" {rw.Header().Set("Access-Control-Allow-Origin", origin)rw.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")rw.Header().Set("Access-Control-Allow-Headers","Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")}
Go服务器路由代码:
r := mux.NewRouter()r.HandleFunc("/banks", RetrieveAllBank).Methods("GET")http.ListenAndServe(":8080", r)
英文:
Here is my AngularJS code, (it works fine if I remove the header option).
$http.get(env.apiURL()+'/banks', {headers: {'Authorization': 'Bearer '+localStorageService.get('access_token')}})
Here is the request:
OPTIONS /banks HTTP/1.1Host: localhost:8080Connection: keep-aliveAccess-Control-Request-Method: GETOrigin: http://localhost:8081User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.146 Safari/537.36Access-Control-Request-Headers: accept, authorizationAccept: */*Referer: http://localhost:8081/Accept-Encoding: gzip,deflate,sdchAccept-Language: en-US,en;q=0.8,vi;q=0.6
And response:
HTTP/1.1 404 Not FoundAccess-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, AuthorizationAccess-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETEAccess-Control-Allow-Origin: http://localhost:8081Content-Type: text/plain; charset=utf-8Date: Mon, 17 Mar 2014 11:05:20 GMTContent-Length: 19
I added both Accept and Authorization header but the request still fails?
Does the capitalization (I mean authorization vs Authorization) result in that failure? If yes, how can I make AngularJS stop doing that?
if origin := req.Header.Get("Origin"); origin == "http://localhost:8081" {rw.Header().Set("Access-Control-Allow-Origin", origin)rw.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")rw.Header().Set("Access-Control-Allow-Headers","Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")}
Go server routing code:
r := mux.NewRouter()r.HandleFunc("/banks", RetrieveAllBank).Methods("GET")http.ListenAndServe(":8080", r)
答案1
得分: 8
好的,以下是翻译好的内容:
好的,问题是因为我忘记处理"OPTIONS"请求(为了使浏览器发送CORS,浏览器会首先发送一个预检请求OPTIONS,然后如果服务器接受,再发送真正的请求)。
我只需要修改我的Go服务器(请参考注释):
func main() {r := mux.NewRouter()r.HandleFunc("/banks", RetrieveAllBank).Methods("GET")http.ListenAndServe(":8080", &MyServer{r})}type MyServer struct {r *mux.Router}func (s *IMoneyServer) ServeHTTP(rw http.ResponseWriter, req *http.Request) {if origin := req.Header.Get("Origin"); origin == "http://localhost:8081" {rw.Header().Set("Access-Control-Allow-Origin", origin)rw.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")rw.Header().Set("Access-Control-Allow-Headers","Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")}// 如果是预检请求OPTIONS,则在此处停止处理if req.Method == "OPTIONS" {return}// 让Gorilla处理s.r.ServeHTTP(rw, req)}
英文:
OK, the issue because I fotgot to handle the "OPTIONS" request (to make a CORS browser will send a preflight OPTIONS request first and then the 'real' request if accepted by the server).
I only need to modify my Go server (see the comment):
func main() {r := mux.NewRouter()r.HandleFunc("/banks", RetrieveAllBank).Methods("GET")http.ListenAndServe(":8080", &MyServer{r})}type MyServer struct {r *mux.Router}func (s *IMoneyServer) ServeHTTP(rw http.ResponseWriter, req *http.Request) {if origin := req.Header.Get("Origin"); origin == "http://localhost:8081" {rw.Header().Set("Access-Control-Allow-Origin", origin)rw.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")rw.Header().Set("Access-Control-Allow-Headers","Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")}// Stop here if its Preflighted OPTIONS requestif req.Method == "OPTIONS" {return}// Lets Gorilla works.r.ServeHTTP(rw, req)}
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论