我有一个基于REST的服务器,我想使用jQuery来沟通。 XML和JSON可作为响应格式,所以我使用JSON。
I have a REST based server which I am trying to communicate with using JQuery. Both XML and JSON are available as response formats, so I am using JSON.
The connections are all SSL so HTTP Basic Authentication has been our authorization method of choice, and we have had no problems with other front ends (raw Javascript, Silverlight, etc...)
Now I am attempting to put something together with JQuery and having endless problems using HTTP Basic Authentication.
我已经经历了无数previous问题冲刷其中大多数要么解决方案,似乎没有实际工作,或责怪整个问题的跨出身的访问,这是我已经克服了基本的JavaScript测试。的回答总是提供访问控制 - 允许 - 原产地
I have scoured through numerous previous questions most of which either have solutions that do not seem to actually work or blame the entire problem on cross origin access, which I have already overcome in basic Javascript testing. The responses always provide Access-Control-Allow-Origin
set to the provided Origin header in the request, and this can be seen in the responses of my tests.
In basic javascript, this entire call is very simply accomplished with:
req.open('GET', 'https://researchdev-vm:8111/card', true, 'test', 'testpassword');
The JQuery attempt at this is fairly standard:
username: 'test',
password: 'testpassword',
url: 'https://researchdev-vm:8111/card',
type: 'GET',
dataType: 'json',
crossDomain: true,
/*data: { username: 'test', password: 'testpassword' },*/
beforeSend: function(xhr){
//"Basic " + encodeBase64(username + ":" + password));
sucess: function(result) {
这实际上似乎合作,提供认证的唯一方法是直接插入Base64编码的恩在 beforeSend()
The only method that actually seems to work to provide authentication is the direct insertion of the Base64 encoded data in the beforeSend()
function. If this is not included, there is no progress made whatsoever. Username and password properties seem to be ignored entirely.
随着 beforeSend()
行为的规定,GET调用获取数据的积极响应包括在内。但是,由于这是一个跨站点调用,一个OPTIONS调用执行提前GET调用的,总是失败,因为它并没有使用 beforeSend的()
With the beforeSend()
behavior provided, the GET call gets a positive response with data included. However, because this is a cross site call, an OPTIONS call is performed ahead of the GET call and always fails, because it does not make use of beforeSend()
and therefore gets a 401 response due to failed authentication.
有没有更好的方式来完成的任务应该是一个很琐碎的电话吗?如果事实OPTIONS请求不使用的 beforeSend()
Is there a better way to accomplish what should be a very trivial call? Should the fact that the OPTIONS request does not make use of the beforeSend()
function processing be considered a bug? Is there perhaps a way to disable the OPTIONS check entirely? It is not possible to make this call not cross-site, as Javascript seems to consider even a different port number on the same machine as "cross-site".
This question is probably well past its' expiry date, but I was working with the same thing with Jquery and came across the same problem.
似乎用户名和密码属性不会做一个base64连接$ C $的用户名/密码了C为你做正常完成HTTP基本身份验证。
The username and password attributes do not seem to do a base64 encode of the username/password as you do to normally accomplish HTTP basic auth.
Look at the following requests (shortened for brevity), firstly using the "username" and "password" parameters in the JQuery AJAX method:
Request URL:http://testuser%40omnisoft.com:testuser@localhost:60023/Account
Request Method:GET
Accept:application/json, text/javascript, */*; q=0.01
And now with the beforeSend method:
Request URL:http://localhost:60023/Account
Request Method:GET
Accept:application/json, text/javascript, */*; q=0.01
Authorization:Basic dXNlcm5hbWU6cGFzc3dvcmQ=
Note that the first method does not include an 'Authorization' header in the request, but instead prefixes the target URL. I'm no expert on HTTP basic auth, but it would indicate that the former is not a proper implementation and therefore fails (or at least it does with my own server implementation).
至于你的选择要求使用JSONP - ?你可能尝试使用回调=
As to your OPTIONS request using JSONP - you could possibly try using ?callback=?
in your URL instead of using the crossdomain
option, just to be explicit.