问题描述
我已经阅读了很多关于 preflight 和 CORS 的答案,所以请不要发布链接引用我应该阅读的内容.许多答案都是从服务器的角度来看的,但在这种情况下,我是客户.我是否设置了原始标头?我的假设是这是一个简单的请求,对吗?
I've read many answers of preflight and CORS so please do not post links referencing what I should read. Many of the answers are from a server-perspective, but I am the client in this case. Do I set the origin header? My assumption is that this is a simple request, am I right?
req.open("POST", url, true);
req.setRequestHeader( 'Content-Type', 'application/blahblah' );
req.setRequestHeader( 'Accept', 'application/blahblah' );
req.setRequestHeader("Authorization", "Basic " + btoa(user + ":" + pass));
req.send();
但它仍然无法正常工作,我的错误:
Yet its still not working, my error:
对预检请求的响应未通过访问控制检查:请求的资源上不存在Access-Control-Allow-Origin"标头.因此,Origin 'null' 不允许访问.响应的 HTTP 状态代码为 500.
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 500.
推荐答案
解决方案:
var req = new XMLHttpRequest();
req.setRequestHeader('Authorization', 'Basic [base64 encoded password here]' );
这篇关于如何将基本身份验证标头分配给 XMLHTTPREQUEST?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!