問題描述

我正在開發一個為用戶解析 gmail rss 提要的擴展程序.如果他們不想保持登錄狀態，我允許用戶指定用戶名/密碼.但是，如果用戶已登錄并且提供的用戶名/密碼用于不同的帳戶，則這會中斷多次登錄.所以我想避免發送任何 cookie，但仍然能夠在 send() 調用中發送用戶名/密碼.

I'm working on an extension that parses the gmail rss feed for users. I allow the users to specify username/passwords if they don't want to stay signed-in. But this breaks for multiple sign-in if the user is signed-in and the username/password provided is for a different account. So I want to avoid sending any cookies but still be able to send the username/password in the send() call.

推薦答案

從 Chrome 42 開始，fetch API 允許 Chrome 擴展(以及Web 應用程序)來執行無 cookie 請求.HTML5 Rocks 提供了有關使用 fetch API 的介紹性教程.

As of Chrome 42, the fetch API allows Chrome extensions (and web applications in general) to perform cookie-less requests. HTML5 Rocks offers an introductory tutorial on using the fetch API.

fetch 的高級文檔目前非常稀少，但 規范中的 API 接口 是一個很好的起點.接口下面描述的 fetch 算法顯示 fetch 生成的請求默認是沒有憑據的！

Advanced documentation on fetch is quite sparse at the moment, but the API interface from the specification is a great starting point. The fetch algorithm described below the interface shows that requests generated by fetch have no credentials by default!

fetch('http://example.com/').then(function(response) {
    return response.text(); // <-- Promise<String>
}).then(function(responseText) {
    alert('Response body without cookies:
' + responseText);
}).catch(function(error) {
    alert('Unexpected error: ' + error);
});

如果你想要真正的匿名請求，你也可以禁用緩存:

If you want truly anonymous requests, you could also disable the cache:

fetch('http://example.com/', {
    // credentials: 'omit', // this is the default value
    cache: 'no-store',
}).then(function(response) {
    // TODO: Handle the response.
    // https://fetch.spec.whatwg.org/#response-class
    // https://fetch.spec.whatwg.org/#body
});

這篇關于在同一來源上發出 XMLHttpRequest 時，有沒有辦法不發送 cookie?的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！