我正在尝试从我的API中发布数据,但无法通过基本身份验证。
我尝试:
$.ajax({ type: 'POST', url: http://theappurl.com/api/v1/method/, data: {}, crossDomain: true, beforeSend: function(xhr) { xhr.setRequestHeader('Authorization', 'Basic ZWx1c3VhcmlvOnlsYWNsYXZl'); } });
我的服务器配置响应是:
response["Access-Control-Allow-Origin"] = "*" response["Access-Control-Allow-Methods"] = "POST" response["Access-Control-Max-Age"] = "1000" response["Access-Control-Allow-Headers"] = "*"
我得到的标题是:
请求标题
OPTIONS /api/v1/token-auth/ HTTP/1.1 Host: theappurl.com Connection: keep-alive Access-Control-Request-Method: POST Origin: http://127.0.0.1:8080 User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31 Access-Control-Request-Headers: origin, authorization, content-type Accept: */* Referer: http://127.0.0.1:8080/ Accept-Encoding: gzip,deflate,sdch Accept-Language: es,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
响应头
HTTP/1.1 401 Unauthorized Server: nginx/1.1.19 Date: Fri, 16 Aug 2013 01:29:21 GMT Content-Type: text/html Content-Length: 597 Connection: keep-alive WWW-Authenticate: Basic realm="Restricted"
我猜服务器配置不错,因为我可以从 高级REST客户端 (Chrome扩展程序)访问API
有什么建议?
PD:我从Advanced REST客户端获得的标头是:
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.63 Safari/537.31 Origin: chrome-extension://hgmloofddffdnphfgcellkdfbfbjeloo Authorization: Basic ZWx1c3VhcmlvOnlsYWNsYXZl Content-Type: application/x-www-form-urlencoded Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: es,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
和
Server: nginx/1.1.19 Date: Fri, 16 Aug 2013 01:07:18 GMT Content-Type: application/json; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept, Cookie Allow: POST, OPTIONS X-Robots-Tag: noindex
发送OPTION方法
您可以将用户名和密码作为URL的一部分:
http://user:passwd@www.server.com/index.html
看到这个URL,更多
URL和加密中传递的HTTP基本身份验证凭据
当然,您需要用户名密码,而不是'Basic hashstring。
'Basic hashstring
希望这可以帮助…