问题描述

无论如何，我们是否可以导航(通过<a/>单击)到请求中带有附加标头的URL?这是我的代码:

Is there anyway we can navigate (via <a/> click) to a URL with additional header in the request ? here's my code :

我有一个<a href="#" id="aUsers"/>标记，然后我通过JQuery处理onClick()事件:

i have an <a href="#" id="aUsers"/> tag, and then i handle the onClick() event via JQuery :

$('#aUsers').click(function () {
  var spAuthData = sessionStorage.getItem('sp-auth-data');
  window.location.href = '/users.html?sp-auth-data' = spAuthData;
});

我想将spAuthData值放在authorization标头中，这样我可以有一个干净的URL

I want to put the spAuthData value in the authorization header, so i can have a clean URL

推荐答案

据我所知，没有办法用纯URL操作HTTP标头.

As far as I know, there is no way to manipulate HTTP headers with a plain url.

如果适合您，可以使用jQuery AJAX请求的headers参数.例如，您可以使用AJAX HTML响应更新某些div的内容.

You can use headers parameter of jQuery AJAX request if it is suitable in your situation. For example, you can update the contents of some divs with AJAX HTML response.

$.ajax({
    url: '/users.html',
    headers: { 'Authorization': spAuthData }
}).done(function()
{
});

否则，您似乎需要进行一些服务器端更改.

Otherwise, it looks like you need to make some server-side changes.

但是为什么不使用cookie或类似的东西呢?
Authorization仅在授权期间由未授权用户使用.我认为，在浏览器的每个请求上手动发送此标头听起来很糟糕.最好的方法是在授权期间发送此标头一次，创建用户会话并将其存储在cookie中(作为访问令牌，表单票证或其他任何形式).

But why don't you use cookies or something like this?
Authorization is used only by unauthorized users during authorization. In my opinion, sending this header on every request from the browser manually sounds bad. The best approach is to send this header once during authorization, create a user session and store it in cookies (as an access-token, forms ticket or whatever else).

这篇关于导航到带有其他标题的URL的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！