对需要身份验证的云运行服务的 Ajax 请求
时间:2023-10-14问题描述
我遇到了与谷歌云有关的 CORS 相关问题,该服务运行在
需要身份验证.
I'm having a CORS related issue with google cloud run on a service that
requires authentication.
如果我尝试通过 cli 使用 Bearer 令牌执行 curl 命令,
一切正常.不幸的是,如果我尝试在 javascript 中通过 ajax 执行相同的调用,
我收到了 403.
If I try to execute a curl command through the cli, with a Bearer token,
everything works fine.
Unfortunately if I try to execute the same call through ajax in javascript,
I receive a 403.
const http = new XMLHttpRequest();
const url = 'https://my-app.run.app';
http.open("GET", url);
http.withCredentials = true;
http.setRequestHeader("authorization", 'Bearer ' + id_token);
http.send();
http.onreadystatechange = (e) => {
console.log(http.responseText)
}
云运行日志中的错误是这样的:
The error in the cloud run logs is this :
The request was not authenticated. Either allow unauthenticated invocations or set the proper Authorization header. Read more at https://cloud.google.com/run/docs/securing/authenticating
容器永远不会被击中.
我看到的问题是,当我在网络中使用 ajax 进行调用时
浏览器.网络浏览器正在发出飞行前请求(
url )而不发送授权标头(这是预期的
行为)
The issue I'm seeing is that, as I'm making the call using ajax, in a web
browser. The web browser is making a pre flight request ( OPTIONS on the
url ) without sending the Authorization header ( which is an expected
behavior )
问题似乎是云运行尝试验证 OPTIONS
请求并且永远不会到达我的容器,据我所知,
不应该这样做.(
https://www.w3.org/TR/cors/#cross-origin-request-with-preflight-0 )
The problem seems to be that cloud run tries to authenticate the OPTIONS
request and never makes it to my container, which, as far as I understand,
shouldn't be done. (
https://www.w3.org/TR/cors/#cross-origin-request-with-preflight-0 )
这是云运行的已知问题吗?
Is that a known issue with cloud run ?
如何向经过身份验证的云运行服务发出 ajax 请求?
How could I make an ajax request to an authenticated cloud run service ?
推荐答案
(Cloud Run PM)
(Cloud Run PM)
这是一个已知问题.有几个选项:
This is a known issue. There are a few options:
- 允许未经身份验证的请求并自行执行 CORS/身份验证
- Allow unauthenticated requests and do CORS/auth yourself
- 使用 Cloud Endpoints 在Cloud Run 在您的计算机前运行.让 Endpoints 对您的最终用户进行身份验证,然后将请求转发到您的后端.
- There is a variation of this that uses Cloud Endpoints running on Cloud Run in front of your compute. Have Endpoints do your end-user auth, then forward the request to your backend.
我们已经考虑实施 Istio CORSPolicy,它将在身份验证检查之前返回 CORS 标头,尽管我们目前还没有承诺.
We've considered implementing Istio CORSPolicy, which would return CORS headers before the auth check, though we're not committed to this as of now.
这篇关于对需要身份验证的云运行服务的 Ajax 请求的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持html5模板网!
相关文章
XHR HEAD 请求是否有可能不遵循重定向 (301 302)Is it possible for XHR HEAD requests to not follow redirects (301 302)(XHR HEAD 请求是否有可能不遵循重定向 (301 302))- NETWORK_ERROR:XMLHttpRequest 异常 101NETWORK_ERROR: XMLHttpRequest Exception 101(NETWORK_ERROR:XMLHttpRequest 异常 101)
- XMLHttpRequest 206 部分内容XMLHttpRequest 206 Partial Content(XMLHttpRequest 206 部分内容)
- XmlHttpRequest onprogress 间隔XmlHttpRequest onprogress interval(XmlHttpRequest onprogress 间隔)
- 如何修改另一个函数接收到的 XMLHttpRequest 响应文How can I modify the XMLHttpRequest responsetext received by another function?(如何修改另一个函数接收到的 XMLHttpRequest 响应文本?)
- XMLHttpRequest、jQuery.ajax、jQuery.post、jQuery.get 有什么What is the difference between XMLHttpRequest, jQuery.ajax, jQuery.post, jQuery.get(XMLHttpRequest、jQuery.ajax、jQuery.post、jQuery.get 有什么区别
最新文章
- 在同一来源上发出 XMLHttpRequest 时,有没有办法不
- Access-Control-Allow-Origin 不允许 XMLHttpRequest Origin
- PC从睡眠模式唤醒时开始调用js函数
- 从 <iframe> 发出的 XHR 请求的 Origin 标头
- 如何处理对后端服务进行相同调用的多个浏览器
- 带有标头的基本身份验证 - Javascript XMLHttpRequest
- xhr 发送 base64 字符串并在服务器中将其解码为文
- xmlhttprequest 状态 302 的问题
- 从 responseText 中获取特定内容
- 在 AJAX 中处理增量服务器响应(在 JavaScript 中)