我有一个BasicAuthenticationAttribute检查请求中的Authorization标头但是尽管它存在,它仍然认为Authorization标头为null:
public class BasicAuthenticationAttribute : ActionFilterattribute { public override void OnActionExecuting(HttpActionContext actionContext) { if (actionContext.Request.Headers.Authorization == null) { actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized); } ...
如果我检查actionContext.Request.Headers,我可以看到列出的授权:
{Connection: Keep-Alive
Accept: */*
Accept-Encoding: gzip,deflate
Accept-Language: en-gb
Authorization: REDACTED_BUT_PRESENT==
Host: localhost:44300
Referer: https://localhost:44300/
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; InfoPath.3; .NET4.0E)
}
更新
我刚刚检查了完整的请求标头,它们看起来像这样……我可以在第一部分看到Authorization标头,但第二部分中的Authorization标头显然为null.
request.Headers
{Connection: Keep-Alive
Accept: */*
Accept-Encoding: gzip,deflate
Accept-Language: en-gb
Authorization: REDACTED_BUT_PRESENT==
Host: localhost:1734
Referer: http://localhost:1734/
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; InfoPath.3; .NET4.0E)
}
base {System.Net.Http.Headers.HttpHeaders}: {Connection: Keep-Alive
Accept: */*
Accept-Encoding: gzip,deflate
Accept-Language: en-gb
Authorization: VXNlcjpQYXNzd29yZA==
Host: localhost:1734
Referer: http://localhost:1734/
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; InfoPath.3; .NET4.0E)
}
Accept: {*/*}
AcceptCharset: {}
AcceptEncoding: {gzip,deflate}
AcceptLanguage: {en-gb}
Authorization: null
CacheControl: null
... removed for brevity ...
Warning: {}
