Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/javascript/473.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Javascript 通过AJAX访问Genius API而不接收飞行前请求的http 403的正确方法是什么?_Javascript_Ajax_Rest_Http_Google Chrome Extension - Fatal编程技术网
Fatal编程技术网
  • javascript/
  • Javascript 通过AJAX访问Genius API而不接收飞行前请求的http 403的正确方法是什么?

Javascript 通过AJAX访问Genius API而不接收飞行前请求的http 403的正确方法是什么?

javascript ajax rest http google-chrome-extension

Javascript 通过AJAX访问Genius API而不接收飞行前请求的http 403的正确方法是什么?,javascript,ajax,rest,http,google-chrome-extension,Javascript,Ajax,Rest,Http,Google Chrome Extension,我正在构建一个非常小的google chrome扩展来打开我在Spotify上收听的歌曲的歌词页面。我成功地从Spotify获得了歌曲数据,我可以向Genius验证用户身份,但当我搜索歌曲时,请求在飞行前失败 Genius正在用{“meta”:{“status”:403,“message”:“当前作用域禁止的操作”}进行响应,chrome正在控制台上打印:飞行前的响应具有无效的HTTP状态代码403 尽管Genius似乎指责令牌的作用域,但我尝试使用所有作用域进行身份验证(me,create\u

我正在构建一个非常小的google chrome扩展来打开我在Spotify上收听的歌曲的歌词页面。我成功地从Spotify获得了歌曲数据,我可以向Genius验证用户身份,但当我搜索歌曲时,请求在飞行前失败

Genius正在用
{“meta”:{“status”:403,“message”:“当前作用域禁止的操作”}
进行响应,chrome正在控制台上打印:
飞行前的响应具有无效的HTTP状态代码403

尽管Genius似乎指责令牌的作用域,但我尝试使用所有作用域进行身份验证(
me
create\u annotation
manage\u annotation
,以及
vote
),问题仍然存在。同样的请求也适用于使用相同令牌的邮递员

我的代码如下:

let xhttp = new XMLHttpRequest();
xhttp.open("GET", "https://api.genius.com/search?q=Paranoid", true);
xhttp.setRequestHeader("Authorization", "Bearer " + accessToken);
xhttp.send();
完整请求:

General
Request URL:https://api.genius.com/search?q=Paranoid
Request Method:OPTIONS
Status Code:403 
Remote Address:104.16.213.100:443
Referrer Policy:no-referrer-when-downgrade

Request Headers
:authority:api.genius.com
:method:OPTIONS
:path:/search?q=Paranoid
:scheme:https
accept:*/*
accept-encoding:gzip, deflate, br
accept-language:pt-BR,pt;q=0.9,en-US;q=0.8,en;q=0.7
access-control-request-headers:authorization
access-control-request-method:GET
origin:chrome-extension://ppkhnbipegikhcenmfgpajgphcdkgdej
user-agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36

Response Headers
access-control-allow-headers:Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Content-Type, Accept, X-Auth-Token, Authorization
access-control-allow-methods:GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin:*
cache-control:no-cache
cf-ray:3e3dc4d51f888138-GRU
content-encoding:gzip
content-type:application/json; charset=utf-8
date:Sat, 27 Jan 2018 18:27:56 GMT
expect-ct:max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server:cloudflare
set-cookie:__cfduid=db59a3c93b09d3f7b0907ed395ceb1b341517077676; expires=Sun, 27-Jan-19 18:27:56 GMT; path=/; domain=.genius.com; HttpOnly
status:403
status:403 Forbidden
via:1.1 vegur
x-runtime:11
Genius API,供参考:

我在React上做了类似的事情,并且得到了相同的错误,因为我在网上没有找到答案,唯一对我有效的方法是:不单独请求url并发送头进行身份验证(正如文档中建议的那样)有效的方法是将访问令牌作为查询字符串发送(不发送头),如: 
https://api.genius.com/search?q=Paranoid&access_token=YOUR_ACCESS_TOKEN