hi, example:
fetch('https://registry.npm.taobao.org')
.then((response) => {
response.headers.forEach((val, key) => {
console.log(key, val)
})
})
output:
content-type application/json; charset=utf-8
but see the response information:
Access-Control-Allow-Origin:http://localhost:8080
Connection:keep-alive
Content-Length:776
Content-Type:application/json; charset=utf-8
Date:Fri, 23 Sep 2016 14:57:34 GMT
ETag:"308-KTjgFOxcNZRPaaFF01sFMw"
X-Current-Requests:1
X-ReadTime:1456
Why can't obtain other header information?
I'm guessing that the registry.npm.taobao.org response must explicitly allow the requester to read the headers via some CORS settings. When I manually hit registry.npm.taobao.org, I don't see any CORS headers being set.
Thanks! I find this is just one example of the URL, I tested locally, the server completes the CORS agreement and can normally obtain data.
When implementing jwt trying to get Authorization, but the findings are not obtained.
example:
Access-Control-Allow-Credentials:true
Access-Control-Allow-Origin:http://localhost:8080
Authorization:Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9hcGkuY2xpZW50LmJlaWtyLm5ldFwvYXBpXC91c2VyIiwiaWF0IjoxNDc0NjQ1NTM5LCJleHAiOjE0NzQ2NDkxMzksIm5iZiI6MTQ3NDY0NTUzOSwianRpIjoiODA3ODFhYTYyZTJmMTczMGFjMzMxNGRmNDJkMzY3OTciLCJzdWIiOjF9.ixoOlBFLlJ0-TSu86O_zpsNf_xP3b7Nx6d5tU6mhQjY
Cache-Control:no-cache
Connection:close
Content-Length:259
Content-Type:application/json
Date:Fri, 23 Sep 2016 15:45:39 GMT
Server:Apache/2.4.18 (Unix) OpenSSL/1.0.2h PHP/7.0.8 mod_perl/2.0.8-dev Perl/v5.16.3
Vary:Authorization,Origin
X-Powered-By:PHP/7.0.8
I did a full example:
fetch('https://api-demo.websanova.com/')
.then((response) => {
response.json().then((json) => {
console.log(json)
})
response.headers.forEach((val, key) => {
console.log(key, val)
})
})
Data can be acquired, but the header is not acquired.
See the Access-Control-Expose-Headers description in this CORS tutorial.
Most helpful comment
See the
Access-Control-Expose-Headersdescription in this CORS tutorial.