如何从跨域 Ajax 请求访问 Content-Length 标头?

发布于 2024-10-15 05:44:33 字数 826 浏览 6 评论 0原文

我的 JavaScript 应用程序需要在使用 Ajax 下载资源之前确定资源的长度。通常这不是问题,您只需发出 HEAD 请求并提取 Content-Length 即可。

var xhr = $.ajax({type:"HEAD", url: "http://own-domain/file.html"})
xhr.getResponseHeader("Content-Length")  
// "2195"

但是,资源存储在与客户端不同的服务器上。 (我控制的服务器)。因此,我使用 CORS 发出跨域 ajax 请求,并设置服务器来响应 HEAD 请求和带有自定义标头的 GET/POST 请求的预检请求。

这在主要方面工作得很好,但在使用 CORS 时,我似乎找不到从 HEAD 响应中提取 Content-Length 的方法:

var xhr = $.ajax({type:"HEAD", url: "http://other-domain/file.html"})
xhr.getResponseHeader("Content-Length")
// ERROR: Refused to get unsafe header "Content-Length"

我已经尝试过在预检或中设置各种标头在响应中,例如

Access-Control-Expose-Headers: Content-Length

规范似乎建议应该使其可用。但无论我做什么,我似乎都无法使 Content-Length 标头可供客户端使用。有什么建议吗?

(铬8)

My JavaScript application needs to determine the length of a resource before downloading it with Ajax. Ordinarily this is not a problem, you just make a HEAD request and extract the Content-Length.

var xhr = $.ajax({type:"HEAD", url: "http://own-domain/file.html"})
xhr.getResponseHeader("Content-Length")  
// "2195"

However, the resources are stored on a different server to the client. (A server I control). So I'm using CORS to make cross domain ajax requests, and have set up the server to respond to preflighting requests for HEAD requests and GET/POST requests with custom headers.

That is working great in the main, but I can't seem to find a way extract the Content-Length from the HEAD response when working with CORS:

var xhr = $.ajax({type:"HEAD", url: "http://other-domain/file.html"})
xhr.getResponseHeader("Content-Length")
// ERROR: Refused to get unsafe header "Content-Length"

I have experimented with setting various headers in the preflighting or in the response, such as

Access-Control-Expose-Headers: Content-Length

which the specification seems to suggest should make it available. But no matter what I do, I can't seem to make the Content-Length header available to the client. Any suggestions?

(Chrome 8)

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

源来凯始玺欢你 2024-10-22 05:44:33

我遇到了同样的问题,直到我在其他地方找到一个线程,教我在我的 .htaccess 上添加这一行:

Header add Access-Control-Expose-Headers "Content-Length"

然后 BOOM,它得到修复。

I was having the same problem, till I found a thread somewhere else that taught me to add this line on my .htaccess:

Header add Access-Control-Expose-Headers "Content-Length"

Then BOOM, it got fixed.

万水千山粽是情ミ 2024-10-22 05:44:33

我发现所有浏览器中的 CORS 响应标头支持都有问题。在 Chrome/Safari 中,我只在 getAllResponseHeaders() 的结果中看到简单的响应标头(http://www.w3.org/TR/cors/#terminology),即使“Access-Control-Expose-Headers”标头也是如此在响应中设置。在 Firefox 3.6.13 中, getAllResponseHeaders() 不返回任何内容(甚至不返回简单的响应标头)。作为一种解决方法,我想您可以重载一个简单的响应标头以包含内容长度,但这可能会导致其他问题,并且仍然无法修复 Firefox。

I've found CORS response header support in all browsers to be buggy. In Chrome/Safari, I only see simple response headers (http://www.w3.org/TR/cors/#terminology) in the result of getAllResponseHeaders(), even when the "Access-Control-Expose-Headers" header is set in the response. And in Firefox 3.6.13, getAllResponseHeaders() doesn't return anything (not even simple response headers). As a workaround, I suppose you could overload one of the simple response headers to include the content-length, but that may cause other issues, and still wouldn't fix Firefox.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文