【问题标题】:Missing response header in UrlFetchApp.fetchUrlFetchApp.fetch 中缺少响应标头
【发布时间】:2020-03-13 18:01:22
【问题描述】:

我目前在通过 Google AppScript 使用 API 时遇到问题。

我能够查询 API 并获取结果,但我需要捕获特定的标头(链接),其中包含要在第二个查询中使用的键。

我正在使用来自HTTPResponse Class 的 getAllHeaders() 方法,但显然缺少目标标头。

您对如何获取此标头有任何想法吗?

这是我的代码:

function callShopify (action, productId, secondId) {

  var apiInfo = getShopifyFunction(action);
  var baseApiUrl = apiInfo[0];
  var functionUrl = apiInfo[1];
  var extension = apiInfo[2];

  var header = {'X-Shopify-Access-Token': getShopifyApiPass()};
  var options = {
    'method' : apiInfo[3],
    'headers' : header,
    'muteHttpExceptions' : true
  };

  var finalUrl = getShopifyWebsite() + baseApiUrl + productId + functionUrl + secondId + extension+"?limit=250";
  var lock = LockService.getScriptLock();
  lock.waitLock(1000); // lock 1 second
  var response = UrlFetchApp.fetch(finalUrl, options);
  var test = response.getAllHeaders();
  Logger.log(JSON.stringify(response.getAllHeaders())); 
  Logger.log(JSON.stringify(response.getHeaders()));
  lock.releaseLock();
  return (JSON.parse(response));
}

以下是 AppScript 方法返回的标头:

如您所见,“链接”标题不存在。

为了确保问题来自 AppScript,我还检查了 Chrome Inspector:

getAllHeaders & getHeader 方法的 JSON 结果:

{
   "Date":"Fri, 13 Mar 2020 18:36:47 GMT",
   "alt-svc":"h3-27=\":443\"; ma=86400, h3-25=\":443\"; ma=86400, h3-24=\":443\"; ma=86400, h3-23=\":443\"; ma=86400",
   "Connection":"keep-alive",
   "x-sorting-hat-podid":"96",
   "X-Download-Options":"noopen",
   "x-shardid":"96",
   "x-sorting-hat-shopid":"10366451809",
   "Referrer-Policy":"origin-when-cross-origin",
   "x-shopify-api-version":"2020-01",
   "x-shopid":"10366451809",
   "X-XSS-Protection":"1; mode=block; report=/xss-report?source%5Baction%5D=index&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=admin%2Fproducts&source%5Bsection%5D=admin_api&source%5Buuid%5D=86c9a9d7-96cd-4971-b1a6-57112df95a66",
   "X-Content-Type-Options":"nosniff",
   "x-shopify-stage":"production",
   "Vary":"Accept-Encoding",
   "Content-Encoding":"gzip",
   "Content-Security-Policy":"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://* shopify-pos://*; block-all-mixed-content; child-src 'self' https://* shopify-pos://*; connect-src 'self' wss://* https://*; frame-ancestors 'none'; img-src 'self' data: blob: https:; script-src https://cdn.shopify.com https://cdn.shopify.cn https://checkout.shopifycs.com https://js-agent.newrelic.com https://bam.nr-data.net https://api.stripe.com https://mpsnare.iesnare.com https://appcenter.intuit.com https://www.paypal.com https://js.braintreegateway.com https://c.paypal.com https://maps.googleapis.com https://www.google-analytics.com https://v.shopify.com https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=admin%2Fproducts&source%5Bsection%5D=admin_api&source%5Buuid%5D=86c9a9d7-96cd-4971-b1a6-57112df95a66",
   "x-shopify-api-terms":"By accessing or using the Shopify API you agree to the Shopify API License and Terms of Use at https://www.shopify.com/legal/api-terms",
   "Strict-Transport-Security":"max-age=7889238",
   "cf-cache-status":"DYNAMIC",
   "x-permitted-cross-domain-policies":"none",
   "expect-ct":"max-age=604800, report-uri=\"https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct\"",
   "x-shopify-shop-api-call-limit":"1/40",
   "x-stats-apipermissionid":"203626283105",
   "Report-To":[
      "{\"group\":\"network-errors\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify\"}]}",
      "{\"group\":\"network-errors\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify\"}]}"
   ],
   "Content-Type":"application/json; charset=utf-8",
   "x-stats-userid":"",
   "Transfer-Encoding":"chunked",
   "x-dc":"gcp-us-east1,gcp-us-central1,gcp-us-central1",
   "x-request-id":"86c9a9d7-96cd-4971-b1a6-57112df95a66",
   "Server":"cloudflare",
   "http_x_shopify_shop_api_call_limit":"1/40",
   "cf-ray":"5737dcc7198ff381-ATL",
   "Set-Cookie":"__cfduid=d9afe6e8299af1521516fd6a8cfa91f271584124606; expires=Sun, 12-Apr-20 18:36:46 GMT; path=/; domain=.myshopify.com; HttpOnly; SameSite=Lax",
   "X-Frame-Options":"DENY",
   "x-stats-apiclientid":"3403993",
   "nel":[
      "{\"report_to\":\"network-errors\",\"max_age\":2592000,\"failure_fraction\":0.01,\"success_fraction\":0.0001}",
      "{\"report_to\":\"network-errors\",\"max_age\":2592000,\"failure_fraction\":0.01,\"success_fraction\":0.0001}"
   ]
}[
   20-03-13 19:   36:   47:   382 CET
]{
   "x-stats-apiclientid":"3403993",
   "nel":"{\"report_to\":\"network-errors\",\"max_age\":2592000,\"failure_fraction\":0.01,\"success_fraction\":0.0001}",
   "Date":"Fri, 13 Mar 2020 18:36:47 GMT",
   "alt-svc":"h3-27=\":443\"; ma=86400, h3-25=\":443\"; ma=86400, h3-24=\":443\"; ma=86400, h3-23=\":443\"; ma=86400",
   "Connection":"keep-alive",
   "x-sorting-hat-podid":"96",
   "X-Download-Options":"noopen",
   "x-shardid":"96",
   "x-sorting-hat-shopid":"10366451809",
   "Referrer-Policy":"origin-when-cross-origin",
   "x-shopify-api-version":"2020-01",
   "x-shopid":"10366451809",
   "X-XSS-Protection":"1; mode=block; report=/xss-report?source%5Baction%5D=index&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=admin%2Fproducts&source%5Bsection%5D=admin_api&source%5Buuid%5D=86c9a9d7-96cd-4971-b1a6-57112df95a66",
   "X-Content-Type-Options":"nosniff",
   "x-shopify-stage":"production",
   "Vary":"Accept-Encoding",
   "Content-Encoding":"gzip",
   "Content-Security-Policy":"default-src 'self' data: blob: 'unsafe-inline' 'unsafe-eval' https://* shopify-pos://*; block-all-mixed-content; child-src 'self' https://* shopify-pos://*; connect-src 'self' wss://* https://*; frame-ancestors 'none'; img-src 'self' data: blob: https:; script-src https://cdn.shopify.com https://cdn.shopify.cn https://checkout.shopifycs.com https://js-agent.newrelic.com https://bam.nr-data.net https://api.stripe.com https://mpsnare.iesnare.com https://appcenter.intuit.com https://www.paypal.com https://js.braintreegateway.com https://c.paypal.com https://maps.googleapis.com https://www.google-analytics.com https://v.shopify.com https://widget.intercom.io https://js.intercomcdn.com 'self' 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=admin%2Fproducts&source%5Bsection%5D=admin_api&source%5Buuid%5D=86c9a9d7-96cd-4971-b1a6-57112df95a66",
   "x-shopify-api-terms":"By accessing or using the Shopify API you agree to the Shopify API License and Terms of Use at https://www.shopify.com/legal/api-terms",
   "Strict-Transport-Security":"max-age=7889238",
   "cf-cache-status":"DYNAMIC",
   "x-permitted-cross-domain-policies":"none",
   "expect-ct":"max-age=604800, report-uri=\"https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct\"",
   "x-shopify-shop-api-call-limit":"1/40",
   "x-stats-apipermissionid":"203626283105",
   "Report-To":"{\"group\":\"network-errors\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify\"}]}",
   "Content-Type":"application/json; charset=utf-8",
   "x-stats-userid":"",
   "Transfer-Encoding":"chunked",
   "x-dc":"gcp-us-east1,gcp-us-central1,gcp-us-central1",
   "x-request-id":"86c9a9d7-96cd-4971-b1a6-57112df95a66",
   "Server":"cloudflare",
   "http_x_shopify_shop_api_call_limit":"1/40",
   "cf-ray":"5737dcc7198ff381-ATL",
   "Set-Cookie":"__cfduid=d9afe6e8299af1521516fd6a8cfa91f271584124606; expires=Sun, 12-Apr-20 18:36:46 GMT; path=/; domain=.myshopify.com; HttpOnly; SameSite=Lax",
   "X-Frame-Options":"DENY"
}

【问题讨论】:

  • 我在test 中也看不到其他一些。喜欢nel。如果你尝试Logger.log(JSON.stringify(response.getAllHeaders())); Logger.log(JSON.stringify(response.getHeaders())); 会发生什么
  • 感谢您的帮助,我刚刚编辑了我的帖子以添加 JSON 响应。
  • 您能否查看浏览器发送的完整负载并确保发送的是相同的?
  • 所以我检查了一下,我能看到的唯一区别是,在我的浏览器中,我使用的是 CMS 预先设置的 HTTP 基本身份验证。例如:login:password@mywebsite/admin/api/2020-01/… 当我要使用带有来自脚本的令牌身份验证的标头时。
  • 您是否尝试过在 API 测试器中进行此调用?我使用chrome.google.com/webstore/detail/talend-api-tester-free-ed/…。尝试查看是否可以在 GAS 之外重新创建 API 调用。一旦你在那里工作,用相同的标题在 GAS 中复制。

标签: google-apps-script http-headers shopify urlfetch


【解决方案1】:

首先非常感谢IMTheNachoMan

我已经能够通过更新调用方法来解决这个问题。显然,当使用 HTTP 基本身份验证 VS 基于令牌的身份验证时,API 不会返回相同的标头。通过切换到 HTTP Basic Auth,我能够检索目标标头。

仅供参考,这是我现在使用的代码:

  var USERNAME = "myusername";
  var PASSWORD = "mypassword";

    var headers = {
    "Authorization" : "Basic " + Utilities.base64Encode(USERNAME + ':' + PASSWORD)
  };

  var params = {
    "method":"GET",
    "headers":headers
  };

  var finalUrl = 'https://mywebsite/admin/api/2020-01/products.json?limit=250'
  var response = UrlFetchApp.fetch(finalUrl, params);
  var test = response.GetAllHeaders();
  Logger.log(response.getContentText())

【讨论】:

  • 感谢这是我非常薄弱的​​领域,感谢您发布您的工作解决方案。
  • 您应该询问 API 提供者这是为什么。我觉得基于令牌的身份验证比基本身份验证更安全,因此使用它是首选/理想的。
  • 谢谢!经过咨询,这是 API 端的一个临时错误,24 小时后错误已得到纠正,我已经能够重新使用基于令牌的身份验证。
猜你喜欢
  • 2018-07-02
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 2019-02-25
  • 1970-01-01
  • 1970-01-01
  • 1970-01-01
  • 2022-07-20
相关资源
最近更新 更多