我正在使用 AngularJS 开发前端应用程序,我正在尝试登录 elgg 平台。如此处文档中所述,如果要使用 HMAC 身份验证,则必须添加一些自定义标头。在 AngularJS 中,我使用了拦截器。
$httpProvider.interceptors.push(function($q, HMAC){
return {
// optional method
'request': function(config) {
// do something on success
console.log("Interceptor Config-> ",config);
console.log("HTTP? --> ",config.url.indexOf('http'));
if(config.url.indexOf('http') == 0){
//do something only on http requests
config.headers = config.headers || {};
config.headers['X-Elgg-apikey'] = "";
config.headers['X-Elgg-time'] = "";
config.headers['X-Elgg-none'] = "";
config.headers['X-Elgg-hmac'] = "";
config.headers['X-Elgg-hmac-algo'] = "";
}
console.log("Return -->", config);
return config || $q.when(config);
}
};
});
但我得到的回应是:
XMLHttpRequest cannot load http://localhost/elgg-1.9.8/elgg-1.9.8/services/api/rest/xml/?method=auth.gettoken.
Request header field X- Elgg-hmac-algo is not allowed by Access-Control-Allow-Headers.
我在本地主机上的网络服务器上有 apache,并且我已经配置:
<Directory />
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Request-Headers "*"
Header always set Access-Control-Request-Method "*"
AllowOverride none
Require all denied
</Directory>
我还检查了响应标头,这是我得到的:
HTTP/1.1 200 OK
Date: Sat, 30 May 2015 13:37:07 GMT
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.1j PHP/5.6.3 mod_perl/2.0.8-dev Perl/v5.16.3
Access-Control-Allow-Origin: *
Access-Control-Request-Headers: *
Access-Control-Request-Method: *
X-Powered-By: PHP/5.6.3
Cache-Control: no-cache, must-revalidate
Expires: Fri, 05 Feb 1982 00:00:00 -0500
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 81
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
我找不到错误在哪里。我在服务器上设置了标头响应,但我仍然在控制台上收到此错误。谢谢