Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/javascript/400.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Javascript 如何制作一个HTML5视频标签,通过WebAPI认证?_Javascript_Angular_Authentication_Asp.net Web Api_Cors - Fatal编程技术网
Fatal编程技术网
  • javascript/
  • Javascript 如何制作一个HTML5视频标签,通过WebAPI认证?

Javascript 如何制作一个HTML5视频标签,通过WebAPI认证?

javascript angular authentication asp.net-web-api cors

Javascript 如何制作一个HTML5视频标签,通过WebAPI认证?,javascript,angular,authentication,asp.net-web-api,cors,Javascript,Angular,Authentication,Asp.net Web Api,Cors,我有一个HTML 5视频标签指向我的ASP.NET WebAPI,它需要承载身份验证,我对我的API的大多数请求如下所示: GET http://localhost:29080/api/v1/users/me HTTP/1.1 Host: localhost:29080 Connection: keep-alive Accept: application/json, text/plain, */* Origin: http://localhost:4200 Authorization: Bear

我有一个HTML 5视频标签指向我的ASP.NET WebAPI,它需要承载身份验证,我对我的API的大多数请求如下所示:

GET http://localhost:29080/api/v1/users/me HTTP/1.1
Host: localhost:29080
Connection: keep-alive
Accept: application/json, text/plain, */*
Origin: http://localhost:4200
Authorization: Bearer c66b36fe-fcc1-49da-9b42-dac783768a06
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
Referer: http://localhost:4200/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9,fr;q=0.8
由于应用程序托管在不同的端口(最终是不同的地址),因此它受CORS的约束。我已经将我的WebAPI设置为兼容:

config.EnableCors(new EnableCorsAttribute("*", "*", "*"));
遗憾的是,我的HTML5视频标签似乎不适合这种设置

<video 
      crossorigin="use-credentials"
      src="http://localhost:29080/api/v1/entities/470/presentation-video">
除了:

GET http://localhost:29080/api/v1/entities/470/presentation-video 401 (Unauthorized)
我真的不知道该怎么想,我在某个地方读到过这样的消息,即可以像

但是我没办法让它工作

有什么想法吗?

好吧,我的解决方案是:

在我的前端应用程序中:

<video controls crossorigin="anonymous" src="..." </video>
错误表明,由于您询问了crossOrigin凭据,因此响应中的allow wildcard标头无效。“也许匿名会让你更幸运,但我不知道这和你的持票人有什么关系。”Kaido,因为在我的其他请求中,有一个允许auth:Authorization的头:Bearer c66b36fe-fcc1-49da-9b42-dac783768a06不确定它是否会引导我somewhere@Kaiido401 unauthorized=/@kaido问题是标记不允许您指定标题=/ 
<video controls crossorigin="anonymous" src="..." </video>

public void ConfigureAuth(IAppBuilder app)
{
    app.Use(async (context, next) =>
    {
        if (context.Request.QueryString.HasValue)
        {
            if (string.IsNullOrWhiteSpace(context.Request.Headers.Get("Authorization")))
            {
                var queryString = HttpUtility.ParseQueryString(context.Request.QueryString.Value);
                string token = queryString.Get("access_token");

                if (!string.IsNullOrWhiteSpace(token))
                {
                    context.Request.Headers.Add("Authorization", new[] { string.Format("Bearer {0}", token) });
                }
            }
        }

        await next.Invoke();
    });
    // Enable the application to use bearer tokens to authenticate users
    app.UseOAuthBearerTokens(OAuthOptions);
}