使用 jQuery.ajax 请求和 jsonp 进行基本身份验证
我有一些本地 html/js 文件,我想通过 https 调用一些远程服务器,并最终对请求使用基本身份验证。
我遇到两个问题。首先,如果我没有为 dataType 指定“jsonp”,jQuery.ajax() 请求将返回错误:
访问受限 URI 被拒绝代码: 1012
我的请求是否被视为跨域,因为我的主要工作文件存储在本地,但从其他地方的服务器检索数据?
很好,我更新了调用,现在看起来像:
$.ajax({
url: myServerUrl,
type: "GET",
dataType: "jsonp", // considered a cross domain Ajax request if not specified
username: myUsername,
password: myPassword,
success: function(result)
{
// success handling
},
error: function(req, status, errThrown){
// error handling
}
})
因为我需要使用基本身份验证,所以我传递了用户名/密码,但如果我监视请求,我看不到它被设置,此外,服务器发送错误响应,因为它没有预期的信息。
此外,因为我设置了 jsonp
,所以 beforeSend
将不会被调用。
如何使用基本身份验证传递此请求的凭据?
I have some local html/js files with which I'd like to invoke some remote servers via https and eventually use Basic Authentication for the request.
I am encountering two problems. First is that if I don't specify 'jsonp' for the dataType, jQuery.ajax() request returns the error:
Access to restricted URI denied code:
1012
Are my requests considered cross-domain because my main work file is stored locally, but retrieving data from a server elsewhere?
So fine, I update the call so it now looks like:
$.ajax({
url: myServerUrl,
type: "GET",
dataType: "jsonp", // considered a cross domain Ajax request if not specified
username: myUsername,
password: myPassword,
success: function(result)
{
// success handling
},
error: function(req, status, errThrown){
// error handling
}
})
Because I need to use Basic Authentication, I'm passing in the username/password but if I monitor the request, I don't see it being set and additionally, the server sends an error response since it doesn't have the expected info.
Additionally, because I have jsonp
set, beforeSend
won't get invoked.
How do I pass along the credentials using Basic Authentication for this request?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
简而言之,你不能这样做。您的怀疑是正确的,因为您是本地的,而这些文件是远程的,您无法访问它们,您被 同源策略。解决方法是 JSONP,但这似乎并不适用于您的情况...
JSONP 的工作方式不同,它是通过
标记包含的 GET 请求来获取文件,因此您不会发送特殊标头或任何内容。
您需要通过您所在的服务器(运行此脚本的域)或其他代理选项来代理请求,但从客户端到另一个域的请求被阻止,主要是出于安全原因。
The short version is you can't do this. Your suspicions are correct, because you're local and these files are remote, you can't access them, you're being blocked by the same-origin policy. The work-around for that is JSONP, but that really doesn't seem to apply to your situation...
JSONP works differently, it's a GET request via a
<script>
tag include to get the file, so you're not sending special headers or anything.You'll need to proxy the request through the server you're on (the domain of where this script is running) or another proxy option, but going from the client to another domain is blocked, mainly for security reasons.
尝试执行 http://user:password@restservice。这模仿了基本身份验证请求。
Try doing http://user:password@restservice. This mimics a basic-auth request.
我认为您必须添加某种服务器代理。 JSONP 只是使用脚本标签的一种特殊方式。因此,它不允许设置任意标头。当然,您无法执行跨源 XHR。
I think you'll have to add a server proxy of some sort. JSONP is just a particular way to use a script tag. Thus, it doesn't allow setting arbitrary headers. And of course, you can't do a cross-origin XHR.