Jquery 授权标头未在AJAX请求中发送
我在正确发送授权头和AJAX请求时遇到问题。我已经了解到这可能是CORS的问题,但我相信所有配置都是正确的。以下是客户端的代码:Jquery 授权标头未在AJAX请求中发送,jquery,ajax,node.js,express,Jquery,Ajax,Node.js,Express,我在正确发送授权头和AJAX请求时遇到问题。我已经了解到这可能是CORS的问题,但我相信所有配置都是正确的。以下是客户端的代码: $.ajax({ url: <location>, method: "GET", headers: {"Authorization": 'Bearer ' + token}, success: function (user) { Cookies.set('use
$.ajax({
url: <location>,
method: "GET",
headers: {"Authorization": 'Bearer ' + token},
success: function (user) {
Cookies.set('user', user, {expires: 1});
}
});
和我的中间件来检查授权标头:
app.use(function (req, res, next) {
var config, authorization;
authorization = req.get('authorization');
if (!authorization) throw new NoAuthenticationError();
...
但是娜达
当我检查第二个中间件的头时,我注意到req.headers
包含访问控制请求头:“accept,authorization”
,但服务器端不存在显式授权头
有什么想法吗
编辑:我现在意识到我必须单独处理jQuery的初始飞行前选项请求。我会这样做,然后再报告…是的,正如我在编辑中所怀疑的那样。我只需要通过返回CORS头来处理选项请求:
app.use(function (req, res, next) {
res.header('Access-Control-Allow-Origin', req.headers.origin || "*");
res.header('Access-Control-Allow-Methods', 'GET, POST, PUT, HEAD, DELETE, OPTIONS');
res.header("Access-Control-Allow-Headers", "Authorization, Origin, X-Requested-With, Content-Type, Accept");
if (req.method === 'OPTIONS') {
return res.end();
}
next();
});
app.use(function (req, res, next) {
res.header('Access-Control-Allow-Origin', req.headers.origin || "*");
res.header('Access-Control-Allow-Methods', 'GET, POST, PUT, HEAD, DELETE, OPTIONS');
res.header("Access-Control-Allow-Headers", "Authorization, Origin, X-Requested-With, Content-Type, Accept");
if (req.method === 'OPTIONS') {
return res.end();
}
next();
});