问题
I am trying to hit a service end point and the service is a login service I am using the authentication type as basic ,The code is in react and using the fetch library however even if i set the headers field in my request I am unable to see the values of corresponding headers in my request in network tab?
Following is the code :
var obj = {
method: 'GET' ,
mode : 'no-cors',
headers: {
'Access-Control-Request-Headers': 'Authorization',
'Authorization': 'Basic amFzcGVyYWRtaW46amFzcGVyYWRtaW4=',
'Content-Type': 'application/json',
'Origin': ''
},
credentials: 'include'
};
fetch('http://myreport:8082/jasperserver/rest/login/', obj ).then(…
Popup where its asking me for username and password
Request and response calls from the network tabs
回答1:
None of your headers are CORS-safelisted, so they can not be attached to the request.
Explanation:
no-corsrequest mode setsguardproperty for a headers object torequest-no-corsTo append a name/value (name/value) pair to a Headers object (headers), browser have to run these steps:
Normalize value.
If name is not a name or value is not a value, then throw a TypeError.
If guard is "immutable", then throw a TypeError.
Otherwise, if guard is "request" and name is a forbidden header name, return.
Otherwise, if guard is
"request-no-cors"and name/value is not aCORS-safelisted request-header, return. ← your scenarioOtherwise, if guard is "response" and name is a forbidden response-header name, return.
Append name/value to header list.
CORS-safelisted request-header(case-insensitive):AcceptAccept-LanguageContent-LanguageContent-Type, but only if the value is one of:application/x-www-form-urlencodedmultipart/form-datatext/plain
You can learn more about fetch's Headers class specs here:
https://fetch.spec.whatwg.org/#headers-class
来源:https://stackoverflow.com/questions/44606244/using-fetch-api-with-mode-no-cors-can-t-set-request-headers