问题描述
我目前正在尝试读取我通过 POST 请求调用的 PHP 脚本中的授权标头.Authorization 标头中填充了一个令牌.似乎授权标头在到达我的 PHP 脚本之前以某种方式被删除.我正在使用 Postman(Chrome 插件)执行发布请求,并在我的 PHP 脚本中启用了 CORS.我无法直接访问 apache 服务器.
I'm currently trying to read the authorization header in a PHP script that I'm calling with a POST request. The Authorization header is populated with a token. It seems the Authorization header is somehow removed before it arrives at my PHP script. I'm executing the post request with Postman (Chrome addon) and I enabled CORS in my PHP script. I don't have access to the apache server directly.
HTTP 请求:
Accept:*/*
Accept-Encoding:gzip,deflate
Accept-Language:de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4,ja;q=0.2
Authorization:Bearer mytoken
Cache-Control:no-cache
Connection:keep-alive
Content-Length:32
Content-Type:text/plain;charset=UTF-8
Host:www.myhost.com
Origin:chrome-extension://fdmmgilgnpjigdojojpjoooidkmcomcm
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/38.0.2125.104 Safari/537.36
PHP 脚本:
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Headers: Authorization, Origin, X-Requested-With, Content-Type, Accept");
header("Content-Type: application/json");
$headers = getallheaders();
echo $headers['Authorization'];
上面的脚本输出''(=没有).
The above script outputs '' (= nothing).
推荐答案
经过一段时间后,找到了解决此问题的方法.不知何故,Authorization
标头被剥离了.通过在我的 .htaccess
中添加以下几行,我能够让它工作.
After quite some time a found a solution to this problem. Somehow the Authorization
header was stripped away. By adding the following lines in my .htaccess
, I was able to get it to work.
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
这篇关于PHP POST 请求中缺少授权标头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!