AngularJS-使用Bearer令牌和Web API 2.0进行身份验证

我有一个问题，即使将$http.defaults.headers.common.Authorization设置为null，我仍然能够访问Web API 2.0应用程序的[Authorize]部分.

I have the problem that even though I set the $http.defaults.headers.common.Authorization to null I am still capable of accessing the [Authorize] part of my Web API 2.0 application.

当我从头启动应用程序并尝试通过初始GET请求检索数据时，不会出现此问题.这是当我从$http回调函数收到错误时.

This problem doesn't arise when I start the application from scratch and try to retrieve the data via an initial GET request. This is when I get an error from the $http callback function.

有人猜测为什么会这样吗?我非常有信心，承载令牌存储在浏览器中的某个位置，并且不会被正确删除...

Any guesses why this is happening? I am quite confident that the bearer token is stored somewhere in the browser and doesn't get deleted properly ...

Chrome(带有不记名令牌):

Chrome (With bearer token):

Chrome(无承载令牌):

Chrome (Without bearer token):

Internet Explorer(无承载令牌属性):

Internet Explorer (no bearer Token attribute):

首先，IE中的身份验证属性完全丢失.其次，在Chrome中，所有功能都可以完美运行.在IE中，我无法删除注销请求的令牌.带有区域[Authorize]部分摘要的登录部分效果很好.

First of all, the authentication property in IE is completely missing. Second, in Chrome everything works perfectly. In IE I have the issue that I can't erase the token for the logout request. The login part with the summary of the regions [Authorize] part works perfectly.