I'm trying to call vuforia's webservice using react + axios, reading the docs of vuforia and following those steps when I make the call I get an error in chrome's console log which is:
xhr.js:121 Refused to set unsafe header "Date"
But if I understand correctly I have to declare the header "Date" in the request. How can I solve that, here is my code:
class App extends Component {
componentDidMount() {
var md5 = require('md5');
var base64 = require('base-64');
var hmacsha1 = require('hmacsha1');
var contentType = "application/json";
var hexDigest = "d41d8cd98f00b204e9800998ecf8427e";
var accessKey = "xxxxxxxxxxxx";
var secretKey = "xxxxxxxxxxx";
var date = new Date().toUTCString();
var url = `${'https://cors-anywhere.herokuapp.com/'}https://vws.vuforia.com/targets`;
var dateValue = date;
var requestPath = url;
var newLine = '\n';
var toDigest = `GET${newLine}${hexDigest}${newLine}${contentType}${newLine}${dateValue}${newLine}${requestPath}`;
var shaHashed = hmacsha1(secretKey, toDigest);
var signature = base64.encode(shaHashed);
const config = {
headers: {
'Date': `${date}`,
'Authorization': `VWS ${accessKey}:${signature}`
}
}
console.log(toDigest);
axios.get(url, config,{ crossdomain: true })
.then(json => console.log(json))
}
console.log(toDigest):
GET
d41d8cd98f00b204e9800998ecf8427e
application/json
Mon, 29 Oct 2018 12:45:26 GMT
https://cors-anywhere.herokuapp.com/https://vws.vuforia.com/targets
Change your config code from
const config = {
headers: {
'Date': `${date}`,
'Authorization': `VWS ${accessKey}:${signature}`
}
to
const config = {
headers: {
'Authorization': `VWS ${accessKey}:${signature}`
}
XMLHttpRequest isn't allowed to set the Date header, it is being set automatically by the browser. The reason is that by manipulating these headers you might be able to trick the server into accepting a second request through the same connection, one that wouldn't go through the usual security checks - that would be a security vulnerability in the browser. Here's the list of HTTP headers you can't set by yourself.
Let me know if you are still getting the error.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With