我有一个BasicAuthenticationAttribute检查请求中的Authorization标头但是尽管它存在,它仍然认为Authorization标头为null:
public class BasicAuthenticationAttribute : ActionFilterAttribute { public override void OnActionExecuting(HttpActionContext actionContext) { if (actionContext.Request.Headers.Authorization == null) { actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized); } ...
如果我检查actionContext.Request.Headers,我可以看到列出的授权:
{Connection: Keep-Alive Accept: */* Accept-Encoding: gzip,deflate Accept-Language: en-gb Authorization: REDACTED_BUT_PRESENT== Host: localhost:44300 Referer: https://localhost:44300/ User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; InfoPath.3; .NET4.0E) }
更新
我刚刚检查了完整的请求标头,它们看起来像这样……我可以在第一部分看到Authorization标头,但第二部分中的Authorization标头显然为null.
request.Headers
{Connection: Keep-Alive Accept: */* Accept-Encoding: gzip,deflate Accept-Language: en-gb Authorization: REDACTED_BUT_PRESENT== Host: localhost:1734 Referer: http://localhost:1734/ User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; InfoPath.3; .NET4.0E) } base {System.Net.Http.Headers.HttpHeaders}: {Connection: Keep-Alive Accept: */* Accept-Encoding: gzip,deflate Accept-Language: en-gb Authorization: VXNlcjpQYXNzd29yZA== Host: localhost:1734 Referer: http://localhost:1734/ User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; InfoPath.3; .NET4.0E) } Accept: {*/*} AcceptCharset: {} AcceptEncoding: {gzip,deflate} AcceptLanguage: {en-gb} Authorization: null CacheControl: null ... removed for brevity ... Warning: {}