我正在尝试在Android 2.3.3上进行跨域GET请求。我正在服务器上使用CORS筛选器。我已经在chrome,firefox,iphone上进行了测试,效果很好。在android 2.3.3中,预检请求看起来不错,但实际请求并未发送Origin标头。我得到的数据还不错,但是ajax错误出现,状态为0。我尝试将其更改为POST请求,并且有效!
这是ajax代码:
...
$.ajax( {
beforeSend: function (xhr, settings) {
xhr.withCredentials = true;
xhr.setRequestHeader('Authorization', 'Bearer myoathtoken');
},
dataType: "json",
type: "GET",
url: getMyUrl() + '/data.json',
success: function(data) {
alert("It works");
}
});
这是get的结果(无效)
OPTIONS http://test2.mydomain:9990/data.json HTTP/1.1
Host: test2.mydomain:9990
Accept-Encoding: gzip
Accept-Language: en-US
Access-Control-Request-Headers: Authorization, Accept
Cookie: mycookie=mycookieval
Accept-Charset: utf-8, iso-8859-1, utf-16, *;q=0.7
Referer: http://test.mydomain:9990/
User-Agent: Mozilla/5.0 (Linux; U; Android 2.3.3; en-us; sdk Build/GRI34) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1
Origin: http://test.mydomain:9990
Access-Control-Request-Method: GET
Accept: text/xml, text/html, application/xhtml+xml, image/png, text/plain, */*;q=0.8
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Access-Control-Allow-Origin: http://test.mydomain:9990
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: HEAD, GET, OPTIONS, POST
Access-Control-Allow-Headers: Authorization, X-Requested-With, Origin, Accept, Content-Type
Content-Length: 0
Date: Fri, 03 Feb 2012 21:29:05 GMT
GET http://test2.mydomain:9990/data.json HTTP/1.1
Host: test2.mydomain:9990
Accept-Encoding: gzip
Referer: http://test.mydomain:9990/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Linux; U; Android 2.3.3; en-us; sdk Build/GRI34) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1
Cookie: mycookie=mycookieval
Authorization: Bearer oauthtoken
Accept: application/json, text/javascript, */*; q=0.01
Accept-Charset: utf-8, iso-8859-1, utf-16, *;q=0.7
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-cache
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Fri, 03 Feb 2012 21:29:08 GMT
这是发送帖子的结果(作品)
OPTIONS http://test2.mydomain:9990/data.json HTTP/1.1
Host: test2.mydomain:9990
Accept-Encoding: gzip
Accept-Language: en-US
Access-Control-Request-Headers: Authorization, Accept
Cookie: mycookie=mycookieval
Accept-Charset: utf-8, iso-8859-1, utf-16, *;q=0.7
Referer: http://test.mydomain:9990/
User-Agent: Mozilla/5.0 (Linux; U; Android 2.3.3; en-us; sdk Build/GRI34) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1
Origin: http://test.mydomain:9990
Access-Control-Request-Method: POST
Accept: text/xml, text/html, application/xhtml+xml, image/png, text/plain, */*;q=0.8
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Access-Control-Allow-Origin: http://test.mydomain:9990
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: OPTIONS, POST, HEAD, GET
Access-Control-Allow-Headers: Authorization, X-Requested-With, Origin, Accept, Content-Type
Content-Length: 0
Date: Fri, 03 Feb 2012 21:21:30 GMT
POST http://test2.mydomain:9990/data.json HTTP/1.1
Host: test2.mydomain:9990
Accept-Encoding: gzip
Accept-Language: en-US
Cookie: mycookie=mycookieval
Authorization: Bearer oauthtoken
Accept-Charset: utf-8, iso-8859-1, utf-16, *;q=0.7
Referer: http://test.mydomain:9990/
User-Agent: Mozilla/5.0 (Linux; U; Android 2.3.3; en-us; sdk Build/GRI34) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1
Origin: http://test.mydomain:9990
Accept: application/json, text/javascript, */*; q=0.01
Content-Length: 0
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Access-Control-Allow-Origin: http://test.mydomain:9990
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Fri, 03 Feb 2012 21:21:32 GMT
我做了一些测试,并从等式中删除了授权标头,并使用GET进行了工作。不知道为什么授权标头会导致它对于get请求失败。有任何想法吗?
最佳答案
我有同样的问题,但是授权标头不是问题,但是GET请求中缺少原始标头。这就是发布请求有效的原因-有一个原始标头,对于CORS,原始标头是必需的。
坦白说,OPTIONS Preflight调用已设置了Origin Header。