我使用jQuert阿贾克斯函数来调用一个页面的方法。该网站使用FormsAuthentication。所以，当一个身份验证票证过期调用页面方法显然会导致重定向到登录页面。

I am using jQuert .ajax function to call a page method. The site is using FormsAuthentication. So when an authentication ticket expires a call to the page method will obviously cause a redirect to the login page.

现在，这写的System.Web.Handlers.ScriptModule天才决定，如果由于某种原因，一个REST风格调用页面方法或Web服务方法，通过JavaScript产生一个302重定向，他们将只简单地把响应变成401未授权。这会导致浏览器弹出一个登录的用户界面，完全是误导，因为用户试图在输入自己的用户名和密码，这意味着什么，因为FormsAuthentication使用。最后，当用户单击取消，401来通过对错误处理程序。

Now, the geniuses that wrote the System.Web.Handlers.ScriptModule decided that if for some reason a REST style call to a page method or a web service method, from JavaScript causes a 302 Redirect, they're going to just simply turn the response into a 401 Unauthorized. This causes a browser to popup a login UI that is totally misleading, as the user tries to type in their username and password, which means nothing, because FormsAuthentication is used. Finally, when the user clicks Cancel, the 401 comes through to the error handler.

所以，问题是，怎样才能禁用浏览器的登录界面提示以任何方式？在网络上有人建议使用在XHR请求用户名和密码，但它似乎并没有工作。

So, the question is, how can one disable the browser's login UI prompt in any way? Some people on the web suggest to use a username and password in the XHR request, but it does not seem to work.

推荐答案

我觉得我的工作围绕它。 Ofcourse依靠内部MS AJAX相关的错误是不是真的很好，但是这会做的伎俩为他人面临着这个问题。

I think I worked around it. Ofcourse relying on internal MS AJAX related errors is not really nice, but this will do the trick for others faces with this problem.

基本上，你做什么，是你设置的 X-MicrosoftAjax 报头值三角洲= TRUE （情况在这里很重要），该ScriptModule将跨preT这是一个正常的重定向，并把响应变成 200 ，但将设置在 pageRedirect 页面上的数据串任何的ScriptManager（MS-AJAX PageRequestManager可以）消费。该jQuery.ajax功能仍然会认为这是一个错误，所以基本上你可以检查 pageRedirect 在XHR的responseText属性，并相应hadle它。如发送用户的事情登录页面。

Basically what you do, is you set the X-MicrosoftAjax header to the value Delta=true (case is important here), the ScriptModule will interpret this as a normal redirect, and turn the response into a 200, but will set the pageRedirect data string for any ScriptManager (MS-AJAX PageRequestManager) on the page to consume. The jQuery.ajax function will still see this as an error, so basically you can check for pageRedirect in responseText property of the XHR and hadle it accordingly. Like sending the user to the login page of something.

    $.ajax({
            type: "POST",
            url: postUrl + "/SomePageMethod",
            data: "{searchString:\"" + escape(searchString) + "\"}",
            contentType: "application/json; charset=utf-8",
            beforeSend: function(xhr) {
                xhr.setRequestHeader("X-MicrosoftAjax","Delta=true");
            },
            dataType: "json",
            success: onSuccess,
            error: onError
        });

function onError(xhr, e, textStatus) {
    var isAjaxRedirect = xhr.status == 200 && xhr.responseText.match(/pageRedirect/);
    if (isAjaxRedirect == "pageRedirect") {
        // forms authentication ticket expired
        location.href = "a session timeout page, or a login page or whatever";
    }
}