使用 XMLHTTPRequest 进行基本身份验证
我正在尝试使用 XMLHTTPRequest 获取 Twitter 上的更新。
var XMLReq = new XMLHttpRequest();
XMLReq.open("GET", "http://twitter.com/account/verify_credentials.json", false, "TestAct", "password");
XMLReq.send(null);
但是,使用我的嗅探器我看不到任何授权标头被传递。因此,我收到了来自 Twitter 的 401 错误响应。
账号和密码输入正确。
有人尝试这个吗?有人能给我一些指点吗?谢谢。
I am attempting to use XMLHTTPRequest to get an update on twitter.
var XMLReq = new XMLHttpRequest();
XMLReq.open("GET", "http://twitter.com/account/verify_credentials.json", false, "TestAct", "password");
XMLReq.send(null);
However, using my sniffer I cannot see any authorization headers being passed through. Hence, I get a 401 error response from Twitter.
The account and password are correctly entered.
Anyone attempt this? Can anyone give me some pointers? Thank you.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
您只需在 Base64 编码字符串中添加授权标头、用户名和密码,如下所示。
You just need to add a Authorization header, a user name and password in a base64 encoded string as follows.
在跨源请求中,如果您希望发送用户凭据,则必须显式设置
withCredentials标志。请参阅http://www.w3.org/TR/XMLHttpRequest/#the-withcredentials-attribute (其中 用户凭据 包括 HTTP 身份验证)
In cross-origin requests, you have to explicitly set the
withCredentialsflag if you want user credentials to be sent.See http://www.w3.org/TR/XMLHttpRequest/#the-withcredentials-attribute (where user credentials includes HTTP authentication)
由于来源政策,您无法从您的域向另一个域发出 XMLHttpRequest。例如,除非您的脚本是从
twitter.com加载的,否则您不能使用http://twitter.com/...URL。如果您的脚本是从http://localhost/加载的,则 AJAX 请求也需要转到 localhost。Due to the Origin policy, you cannot make a XMLHttpRequest from your domain to another domain. E.g. you cannot use
http://twitter.com/...URLs unless your script was loaded fromtwitter.com. If your script is loaded fromhttp://localhost/, the AJAX request also need to go to localhost.