How to disable 'withcredentials' in HTTP header with node.js and Request package?
来源:互联网 发布:能读谱的软件 编辑:程序博客网 时间:2024/06/01 09:20
http://stackoverflow.com/questions/24433099/how-to-disable-withcredentials-in-http-header-with-node-js-and-request-package
Question:
Using node.js and the Request package from the browser (via browserify), I am using CORS to do a HTTP GET request on a separate domain.
On the server, when I set 'Access-Control-Allow-Origin'
to the wildcard '*'
, I get the following error on the client:
XMLHttpRequest cannot load .... A wildcard '*' cannot be used in the 'Access-Control-Allow-Origin' header when the credentials flag is true. Origin '...' is therefore not allowed access.
The HTTP request header looks like this:
Accept:*/*Accept-Encoding:gzip,deflate,sdchAccept-Language:en-US,en;q=0.8,ja;q=0.6Access-Control-Request-Headers:withcredentialsAccess-Control-Request-Method:GETCache-Control:no-cacheConnection:keep-aliveHost:localhost:3000Origin:http://localhost:9966Pragma:no-cacheReferer:http://localhost:9966/User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
So clearly the problem is Access-Control-Request-Headers:withcredentials
in the header, right?
To be able to remove this, I need to set the 'withcredentials' property of the 'XMLHttpRequest' object to 'false'. However, I cannot figure out where node.js or the Request package are creating the 'XMLHttpRequest' object, and how I can even access this.
Thanks.
Answer:After some investigation, I discovered that the withCredentials
setting can be passed in via the options parameter object:
var req = http.request({ withCredentials: false}, function(res) { //...});req.end();
If undefined
, the default setting is true
.
Reference from the http-browserify/lib/request.js
source:
if (typeof params.withCredentials === 'undefined') { params.withCredentials = true;}try { xhr.withCredentials = params.withCredentials }catch (e) {}
http://stackoverflow.com/a/24443043/2177408- How to disable 'withcredentials' in HTTP header with node.js and Request package?
- Using HTTP Proxy in Node.js with request package
- How to disable certain HTTP methods (PUT, DELETE, TRACE and OPTIONS) in JBOSS7
- How to use $http and $resource in Angular JS
- Docker: How to enable/disable HTTP Proxy in Toolbox
- How to Enable and Disable Root Login in Ubuntu
- How to send HTTP request in java?
- How do I write to files using cheerio and request in node?
- How to Use Buffers in Node.js
- How to disable datagridview column header to alllow sorting
- How to use SCAN and node listeners with different ports?
- use noscript html tag when user disable the javascript in browser, guide user how to enable the js in different browser and retu
- how to disable ipv6 in linux
- How to disable ARP in ns-2
- How to disable VirtualStore in Windows 7?
- How to send HTTP request GET/POST in Java
- How to download a file with Node.js?
- How to download a file with Node.js?
- Android SQLite数据库的详细使用
- RabbitMQ学习之安装
- MySQL之——忘记Root密码如何操作
- F - 今年暑假不AC
- CRC(循环冗余)校验
- How to disable 'withcredentials' in HTTP header with node.js and Request package?
- Square poj2362深度优先搜索+剪枝
- Android 7.0 新特性 分屏多窗口 中文API
- Servlet-web.xml配置模板
- 前端自动化之package.json
- Struts-struts-config.xml基本配置模板
- Tomcat之——内存溢出设置JAVA_OPTS
- JAVA学习笔记——00
- How to get the process ID to kill a nohup process?