CORS and HTTP authentication

假如想象 提交于 2021-02-10 08:08:06

问题


I'm trying make some ajax queries from domain A to domain B which is behind HTTP basic auth

Here is my Jquery (1.9.1) ajax call

jQuery.ajax({
    method : "POST",
    data: s,
    withCredentials: true,
    headers: {
        "Authorization" : "Basic " + btoa('user:pass')
    },
    url: "http://domainB/script.php",
    success: function(data){
        console.log(data);
    }
});

And script.php

<?php

header('Access-Control-Allow-Origin: http://domainA');
header('Access-Control-Allow-Methods: POST');
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Allow-Headers: Authorization, Content-Type');

header('Content-Type: application/json');

/**
 * Some stuff here
 */

echo json_encode( $json_response );

For some reason I ignore, I got this error in javascript console

Access to XMLHttpRequest at 'http://domainB/script.php' from origin 'http://domainA' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource

I don't understand what the error is, Access-Control-Allow-Origin is set...

I tried many solutions found a little bit everywhere but without success.. May someone have a solution ?

Thanks

来源:https://stackoverflow.com/questions/55263246/cors-and-http-authentication

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!