NSURLRequest loses the HTTP “Authorization” header when a request is redirected

Time: 2022-08-22 19:34:22

We have a problem with downloading files from the server in background mode. The HTTP header “Authorization” field is lost while redirecting the request to another server.

We made some experiments and noticed that other fields (even the same but with underscore symbol at the end “Authorization_”) work perfectly in redirect. Looks like this field is erased according to some security reasons like if different servers use different authentication data.

It is possible to append “Authorization” field manually in foreground mode using

URLSession:task:willPerformHTTPRedirection:newRequest:completionHandler:

method. There’s a problem when we tried to use redirect request in background mode, because according to the documentation, “Tasks in background sessions automatically follow redirects.”

I cannot find anything about skipping this field in RFC 2616, but suppose that probably there’s some undocumented solution to save “Authorization” field during redirect in background mode.

Let me assume that our front-end server may provide some special field in redirect response that would say that redirected server is trusted and we can use “Authorization” field without any modifications.

That is just an idea and probably we have to use it somehow else. Could you direct us please?

1 solution

#1


3  

'Authorization' header is one of the 'special' headers that are advised not to be modified. This is from Apple's documentation (LINK):

The NSURLConnection class and NSURLSession classes are designed to handle various aspects of the HTTP protocol for you. As a result, you should not modify the following headers:

  • Authorization
  • Connection
  • Host
  • WWW-Authenticate

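
The foreground redirect handling mentioned in the question, as an added example that is not part of the original posts: the delegate copies the original request's “Authorization” value onto the redirected request only when the target is an HTTPS host on an explicit allowlist. The class name, `trustedRedirectHosts` and the host `files.example.com` are assumptions made for illustration, and the credential is assumed to have been set on the request itself.

```swift
import Foundation

/// Added example. `trustedRedirectHosts` and the host names in it are
/// hypothetical; replace them with the servers you actually operate.
final class AuthPreservingRedirectDelegate: NSObject, URLSessionTaskDelegate {
    private let trustedRedirectHosts: Set<String>

    init(trustedRedirectHosts: Set<String>) {
        // Host names are case-insensitive, so normalise once.
        self.trustedRedirectHosts = Set(trustedRedirectHosts.map { $0.lowercased() })
    }

    /// Returns the request to follow: the proposed redirect, with the original
    /// Authorization value copied over only for an HTTPS, allowlisted host.
    func redirectRequest(original: URLRequest?, proposed: URLRequest) -> URLRequest {
        guard let credential = original?.value(forHTTPHeaderField: "Authorization"),
              let url = proposed.url,
              url.scheme?.lowercased() == "https",
              let host = url.host?.lowercased(),
              trustedRedirectHosts.contains(host)   // exact match, no suffix matching
        else {
            // Unknown host or plaintext hop: follow the redirect without the credential.
            return proposed
        }
        var request = proposed
        request.setValue(credential, forHTTPHeaderField: "Authorization")
        return request
    }

    func urlSession(_ session: URLSession,
                    task: URLSessionTask,
                    willPerformHTTPRedirection response: HTTPURLResponse,
                    newRequest request: URLRequest,
                    completionHandler: @escaping (URLRequest?) -> Void) {
        completionHandler(redirectRequest(original: task.originalRequest, proposed: request))
    }
}

// Usage with a default (foreground) session; the host is a constructed sample.
let delegate = AuthPreservingRedirectDelegate(trustedRedirectHosts: ["files.example.com"])
let session = URLSession(configuration: .default, delegate: delegate, delegateQueue: nil)
```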