1. 首頁
  2. 問答
  3. Ajax GET請求與授權頭和CORS在Android 2.3.3

Ajax GET請求與授權頭和CORS在Android 2.3.3

2012-02-05 67 views
2

我試圖在Android 2.3.3上提出跨域GET請求。我在服務器上使用CORS過濾器。我已經在Chrome,Firefox,iPhone上測試了它,它工作正常。使用android 2.3.3的預檢請求看起來不錯,但實際的請求不是發送Origin標頭。我得到的數據只是很好,但ajax錯誤狀態爲0.我嘗試將其更改爲POST請求,並且工作!Ajax GET請求與授權頭和CORS在Android 2.3.3

下面是Ajax代碼:

...

$.ajax({ 
    beforeSend: function (xhr, settings) { 
     xhr.withCredentials = true; 
     xhr.setRequestHeader('Authorization', 'Bearer myoathtoken'); 
    }, 
    dataType: "json", 
    type: "GET", 
    url: getMyUrl() + '/data.json', 
    success: function(data) { 
     alert("It works"); 
    } 
});

這裏是爲獲得滿意的結果(不起作用

OPTIONS http://test2.mydomain:9990/data.json HTTP/1.1 
Host: test2.mydomain:9990 
Accept-Encoding: gzip 
Accept-Language: en-US 
Access-Control-Request-Headers: Authorization, Accept 
Cookie: mycookie=mycookieval 
Accept-Charset: utf-8, iso-8859-1, utf-16, *;q=0.7 
Referer: http://test.mydomain:9990/ 
User-Agent: Mozilla/5.0 (Linux; U; Android 2.3.3; en-us; sdk Build/GRI34)   AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1 
Origin: http://test.mydomain:9990 
Access-Control-Request-Method: GET 
Accept: text/xml, text/html, application/xhtml+xml, image/png, text/plain, */*;q=0.8 

HTTP/1.1 200 OK 
Server: Apache-Coyote/1.1 
Access-Control-Allow-Origin: http://test.mydomain:9990 
Access-Control-Allow-Credentials: true 
Access-Control-Allow-Methods: HEAD, GET, OPTIONS, POST 
Access-Control-Allow-Headers: Authorization, X-Requested-With, Origin, Accept, Content-Type 
Content-Length: 0 
Date: Fri, 03 Feb 2012 21:29:05 GMT 

GET http://test2.mydomain:9990/data.json HTTP/1.1 
Host: test2.mydomain:9990 
Accept-Encoding: gzip 
Referer: http://test.mydomain:9990/ 
Accept-Language: en-US 
User-Agent: Mozilla/5.0 (Linux; U; Android 2.3.3; en-us; sdk Build/GRI34)  AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1 
Cookie: mycookie=mycookieval 
Authorization: Bearer oauthtoken 
Accept: application/json, text/javascript, */*; q=0.01 
Accept-Charset: utf-8, iso-8859-1, utf-16, *;q=0.7 

HTTP/1.1 200 OK 
Server: Apache-Coyote/1.1 
Cache-Control: no-cache 
Content-Type: application/json;charset=UTF-8 
Transfer-Encoding: chunked 
Date: Fri, 03 Feb 2012 21:29:08 GMT

這裏有結果(作品

OPTIONS http://test2.mydomain:9990/data.json HTTP/1.1 
Host: test2.mydomain:9990 
Accept-Encoding: gzip 
Accept-Language: en-US 
Access-Control-Request-Headers: Authorization, Accept 
Cookie: mycookie=mycookieval 
Accept-Charset: utf-8, iso-8859-1, utf-16, *;q=0.7 
Referer: http://test.mydomain:9990/ 
User-Agent: Mozilla/5.0 (Linux; U; Android 2.3.3; en-us; sdk Build/GRI34) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1 
Origin: http://test.mydomain:9990 
Access-Control-Request-Method: POST 
Accept: text/xml, text/html, application/xhtml+xml, image/png, text/plain, */*;q=0.8 

HTTP/1.1 200 OK 
Server: Apache-Coyote/1.1 
Access-Control-Allow-Origin: http://test.mydomain:9990 
Access-Control-Allow-Credentials: true 
Access-Control-Allow-Methods: OPTIONS, POST, HEAD, GET 
Access-Control-Allow-Headers: Authorization, X-Requested-With, Origin, Accept, Content-Type 
Content-Length: 0 
Date: Fri, 03 Feb 2012 21:21:30 GMT 

POST http://test2.mydomain:9990/data.json HTTP/1.1 
Host: test2.mydomain:9990 
Accept-Encoding: gzip 
Accept-Language: en-US 
Cookie: mycookie=mycookieval 
Authorization: Bearer oauthtoken 
Accept-Charset: utf-8, iso-8859-1, utf-16, *;q=0.7 
Referer: http://test.mydomain:9990/ 
User-Agent: Mozilla/5.0 (Linux; U; Android 2.3.3; en-us; sdk Build/GRI34) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1 
Origin: http://test.mydomain:9990 
Accept: application/json, text/javascript, */*; q=0.01 
Content-Length: 0 

HTTP/1.1 200 OK 
Server: Apache-Coyote/1.1 
Access-Control-Allow-Origin: http://test.mydomain:9990 
Access-Control-Allow-Credentials: true 
Cache-Control: no-cache 
Content-Type: application/json;charset=UTF-8 
Transfer-Encoding: chunked 
Date: Fri, 03 Feb 2012 21:21:32 GMT

我做了一些更多的測試,並將授權標頭從公式中取出,並與GET做了一些工作。不確定授權標頭爲什麼會導致它無法獲取請求。有任何想法嗎?

來源

2012-02-05 bmurmistro

+0

我創建了一個簡單的測試頁來測試CORS請求。您可以在Android中嘗試您的請求,並查看響應是什麼:http://client.cors-api.appspot.com/client?server.enable=true&server.httpstatus=200&server.methods=GET&server.headers=Authorization&client.method = GET&client.headers.Authorization =測試 – monsur 2012-02-06 20:30:09

+0

感謝您的迴應! 發送GET請求到http://server.cors-api.appspot.com/server? ID = 6058740&則httpStatus = 200&方法= GET和頭=授權,以自定義標題 射擊XHR事件:loadstart 射擊XHR事件:readystatechange 射擊XHR事件:錯誤 XHR狀態:0 XHR狀態文本: – bmurmistro 2012-02-06 20:46:15

+0

我下載Android相同的響應2.2,2.3和3.x.對於它的價值,控制檯日誌在3.x中返回:E/browser(333):控制檯:XMLHttpRequest無法加載http://server.cors-api.appspot.com/server?id=6202948&httpstatus=200&methods=GET&headers =授權。 Access- Control-Allow-Origin不允許訪問原始http://client.cors-api.appspot.com。 null:1 – bmurmistro 2012-02-06 21:11:31

回答

1

我有同樣的問題,但它不是授權標題的問題,但GET請求中缺少Origin Header。這也是發佈請求正在發揮作用的原因 - 有一個Origin頭文件,CORS必須使用Origin Header。

Stange的事情是OPTIONS預檢呼叫有一個原始標題集。

來源

2012-12-06 06:57:19 Markus

相關問題

 相關問題