问题
I have a javascript code to be used for api (ajax) and I need to send header "date" to api-server (required header), but chrome tells me 'refused to set unsafe header "Date" ' and I get response from api-server like "missing required http date header".
I'm using jquery.
code sample:
var d = new Date();
var headers = {};
headers["Date"] = d.toUTCString();
jQuery.ajax({
url: '<some HTTPS url>'
type: "get",
crossDomain: true,
headers: headers,
....
})
the same code works fine in firefox. does anybody have any ideas how to fix it?
回答1:
Yeah Chrome must refuse your request because the standard says:
Terminate these steps if header is a match for one of the following headers: [...]
- Date
Reference: http://www.w3.org/TR/XMLHttpRequest/#the-setrequestheader-method
回答2:
You can't. Since you are sending a XHR request it MUST be terminated according to the standard when you set a whole list of prohibited headers:
http://www.w3.org/TR/XMLHttpRequest2/#the-setrequestheader-method
You'll need to proxy through your originating url or some other work around.
回答3:
Its lame because if you use Firefox and the RestClient you can do it. But you can't if you use Chrome and the "Advanced Rest Client"
来源:https://stackoverflow.com/questions/6973403/chrome-extension-refuse-header-date-in-ajax-request