如何在明确设置了’nosniff’头之后,阻止浏览器尝试解析JSON响应?

huangapple go评论94阅读模式
英文:

How do I stop a browser from attempting to parse a JSON response after explicitly setting the 'nosniff' header?

问题

我目前正在编写一个应用程序,该应用程序根据给定的查询发送JSON响应。后端正确地将数据发送到Postman,这让我认为它工作正常,因为那里没有错误。然而,当我尝试在浏览器中使用它时,我一直收到相同的“意外的空格字符”错误,而我知道它在Postman中是有效的。我应该提到,我是通过Angular中的以下方法调用它的:

public getCard(): Observable<any> {
 return this.http.get('localhost:4200/card')

我尝试将响应类型设置为'application/octet-stream',我尝试了'plain/text',但似乎都没有起作用。它应该只是将数据发送过去,并在控制台中显示出来。我计划稍后解决其他问题,我只是希望后端能够成功与前端通信。

因为这个问题困扰了我几个星期,所以我感觉要放弃了。

英文:

I'm currently writing an application that is meant to send out JSON reponses based on a given query. The backend properly sends data to Postman, which leads me to assume it works because there are no errors there. However, when attempting to work with it in the browser, I keep getting the same "Unexpected white space character" error, when I know that it works in postman. I should mention that I'm calling it via this method in Angular:

public getCard(): Observable&lt;any&gt; {
 return this.http.get(&#39;localhost:4200/card&#39;)

I've tried setting the response type to 'application/octet-stream' I've tried 'plain/text' and nothing seems to be working. It should just send the data over, and have it display in the console. I plan on dealing with the other issues later, I just want the backend to communicate with my frontend successfully.

I feel like giving up because this has been plaguing me for the last several weeks.

答案1

得分: 1

尝试使用以下代码:

public getCard(): Observable<string> {
  return this.http.get('localhost:4200/card');
}

或者

public getCard(): Observable<any> {
  return this.http.get('localhost:4200/card', { responseType: 'text' });
}

Angular HttpClient 根据返回值的类型确定响应的默认内容类型。因此,要么将返回值的类型指定为 Observable<string>(对于这种类型,默认的 responseTypetext),要么明确指定 responseType

英文:

Try

public getCard(): Observable&lt;string&gt; {
  return this.http.get(&#39;localhost:4200/card&#39;);
}

or

public getCard(): Observable&lt;any&gt; {
  return this.http.get(&#39;localhost:4200/card&#39;, { responseType: &#39;text&#39; });
}

The angular HttpClient determines the default content type of the response based on the type of the returned value. So either specify the type of the returned value to Observable&lt;string&gt; (for this type, the default responseType is text) or specify the responseType explictly.

答案2

得分: 0

我想给你关于这个问题的最新更新。根据我的代码实现方式,它会创建一个JSON对象并发送出去,然后再创建另一个并发送出去,导致完整的有效负载看起来像这样:

{
    ID: 1
}
{
    ID: 2
}

因此,它将是无效的JSON,因为它不是一个数组。正确的格式应该是这样的:

[
    {
        ID: 1
    },
    {
        ID: 2
    }
]

所以,对于我的问题,答案是实现方式。现在它发送出数组后,通信完全正常,但在我弄清楚如何让rxjs中的观察者处理从后端发送出的多个单独的JSON负载之前,我不得不删除并发实现,因为我的初始实现比“将所有内容放入数组并发送”方法快近100倍。

英文:

I wanted to give an update on this question. The way my code was implemented, it would create a JSON object, and send it out, then create another and send it out, resulting in the full payload looking like this;

{
    ID: 1
}
{
    ID: 2
}

As a result, it would be invalid JSON because it isn't in an array. The correct format would be like so:

[
    {
        ID: 1
    },
    {
        ID: 2
    }
]

So the answer to my question was the implementation. Now that it sends out the array, it is communicating perfectly, but I had to remove my implementation of concurrency until I can figure out how to have an Observer in rxjs handle multiple single piece JSON payloads being send out from the backend since my initial implementation was nearly 100x faster than the 'put everything in an array and send it' approach.

huangapple
  • 本文由 发表于 2023年4月20日 10:20:49
  • 转载请务必保留本文链接:https://go.coder-hub.com/76060068.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定