0

客户:

$.support.cors = true;

// ajax option
beforeSend: function (XHR) {
  XHR.withCredentials = true;
  XHR.setRequestHeader("Authorization", "Bearer " + base.accessToken);
}

我使用“fiddler”并捕获请求,它显示不包含 cookie。

AuthN 服务器已设置 cookie。

4

2 回答 2

1

Actually, preflight requests won't be sent with the cookie, it's just used to check wteather server api support CORS. So maybe you can close authentication of your server for OPTIONS methods

于 2017-03-31T11:45:13.387 回答
0

$.support.cors = 真;

就够了。

服务器端需要添加“AccessControlAllowCredentials”httpheader。

于 2013-06-06T01:06:02.633 回答