如何将基本身份验证标头分配给 XMLHTTPREQUEST?

我已经阅读了很多关于 preflight 和 CORS 的答案,所以请不要发布链接引用我应该阅读的内容.许多答案都是从服务器的角度来看的,但在这种情况下,我是客户.我是否设置了原始标头?我的假设是这是一个简单的请求,对吗?

I've read many answers of preflight and CORS so please do not post links referencing what I should read. Many of the answers are from a server-perspective, but I am the client in this case. Do I set the origin header? My assumption is that this is a simple request, am I right?

 req.open("POST", url, true);
 req.setRequestHeader( 'Content-Type',   'application/blahblah' );
 req.setRequestHeader( 'Accept', 'application/blahblah' );
 req.setRequestHeader("Authorization", "Basic " + btoa(user + ":" + pass)); 
 req.send();

但它仍然无法正常工作,我的错误:

Yet its still not working, my error:

对预检请求的响应未通过访问控制检查:请求的资源上不存在Access-Control-Allow-Origin"标头.因此,Origin 'null' 不允许访问.响应的 HTTP 状态代码为 500.

Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 500.

推荐答案

解决方案:

var req = new XMLHttpRequest();
    req.setRequestHeader('Authorization', 'Basic [base64 encoded password here]' );

相关文章