本文介绍了MVC6 Cors - 拦截预检的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

限时删除!!

我将我的WebApi升级到MVC6。



在WebApi我可以拦截每个HTTP请求,如果它是一个预检我可以响应头浏览器会接受。



我想弄清楚如何做同样的事情在MVC6 WebApi。



这是WebApi代码。

  protected void Application_BeginRequest(object sender,EventArgs e)
{
if(Context.Request.Path.Contains(api /)&& amp;& amp;& amp;&& Allow-Origin,Context.Request.Headers [Origin]);
Context.Response.AddHeader(Access-Control-Allow-Headers,Origin,X-Requested-With,Content-Type,Accept);
Context.Response.AddHeader(Access-Control-Allow-Methods,GET,POST,PUT,DELETE,OPTIONS);
Context.Response.AddHeader(Access-Control-Allow-Credentials,true);
Context.Response.End();
}
}

如何用MVC6做同样的事情? / p>

感谢,
Bob



这是我根据反馈进行的下一次尝试。如果我理解中间件管道,我可能自己想出来。



我试过这个代码,但它并没有像我所希望的http请求。

  public void配置(IApplicationBuilder应用程序,IHostingEnvironment env)
{
//配置HTTP请求管道。
app.UseStaticFiles();

//将MVC添加到请求管道。
app.UseMvc();
//为移植Web API 2控制器添加以下路由。
// routes.MapWebApiRoute(DefaultApi,api / {controller} / {id?});

//自定义中间件在每个调用进入时检查它们。
app.Use(async(httpContext,next)=>
{
if .Request.Path.Value.Contains(api /)&&& httpContext.Request.Method ==OPTIONS)
{
httpContext.Response.Headers.Add(Access Control -Allow-Origin,new [] {httpContext.Request.Headers [Origin]});
httpContext.Response.Headers.Add(Access-Control-Allow-Headers,new [] {原始,请求的X请求,内容类型,接受});
httpContext.Response.Headers.Add(访问控制允许方法,新[] {GET,POST,PUT, DELETE,OPTIONS});
httpContext.Response.Headers.Add(Access-Control-Allow-Credentials,new [] {true});
return;
}
await next();
});

}


解决方案

请添加您自己的。这里是一个快速添加它的内联示例,但你也可以封装在一个类中:

  app.Use(async(httpContext, next)=> 
{
if(httpContext.Request.Path.Value.Contains(api /)&&& httpContext.Request.Method ==OPTIONS)
{
httpContext.Response.Headers.Add(Access-Control-Allow-Origin,new [] {httpContext.Request.Headers [Origin]});
httpContext.Response.Headers。 Add(Access-Control-Allow-Headers,new [] {Origin,X-Requested-With,Content-Type,Accept});
httpContext.Response.Headers.Add -Allow-Methods,new [] {GET,POST,PUT,DELETE,OPTIONS});
httpContext.Response.Headers.Add(Access-Control-Allow-Credentials,new [] { true});
return;
}
await next();
});

您可能还想关注以支持ASP 5框架


I'm upgrading my WebApi(s) to MVC6.

In WebApi I could intercept every HTTP request and if it was a preflight I could respond with headers the browser would accept.

I'm trying to figure out how to do the same thing in MVC6 WebApi.

Here is the WebApi code.

    protected void Application_BeginRequest(object sender, EventArgs e)
    {
        if (Context.Request.Path.Contains("api/") && Context.Request.HttpMethod == "OPTIONS")
        {
            Context.Response.AddHeader("Access-Control-Allow-Origin", Context.Request.Headers["Origin"]);
            Context.Response.AddHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
            Context.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
            Context.Response.AddHeader("Access-Control-Allow-Credentials", "true");
            Context.Response.End();
        }
    }

How do I do the same thing with MVC6?

Thanks,Bob

Here is my next attempt based on feedback. I could probably figure this out on my own if I understood the middleware pipeline. I'll learn it now of course.

I tried this code but it's not hit on http requests as I had hoped.

    public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        // Configure the HTTP request pipeline.
        app.UseStaticFiles();

        // Add MVC to the request pipeline.
        app.UseMvc();
        // Add the following route for porting Web API 2 controllers.
        // routes.MapWebApiRoute("DefaultApi", "api/{controller}/{id?}");

        // custom middleware to checked each call as it comes in.
        app.Use(async (httpContext, next) =>
        {
            if (httpContext.Request.Path.Value.Contains("api/") && httpContext.Request.Method == "OPTIONS")
            {
                httpContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { httpContext.Request.Headers["Origin"] });
                httpContext.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "Origin, X-Requested-With, Content-Type, Accept" });
                httpContext.Response.Headers.Add("Access-Control-Allow-Methods", new[] { "GET, POST, PUT, DELETE, OPTIONS" });
                httpContext.Response.Headers.Add("Access-Control-Allow-Credentials", new[] { "true" });
                return;
            }
            await next();
        });

    }
解决方案

You can add your own middleware for that. Here is a quick example adding it inline, but you could also encapsulate in a class:

app.Use(async (httpContext, next) =>
{
    if (httpContext.Request.Path.Value.Contains("api/") && httpContext.Request.Method == "OPTIONS")
    {
        httpContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { httpContext.Request.Headers["Origin"] });
        httpContext.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "Origin, X-Requested-With, Content-Type, Accept" });
        httpContext.Response.Headers.Add("Access-Control-Allow-Methods", new[] { "GET, POST, PUT, DELETE, OPTIONS" });
        httpContext.Response.Headers.Add("Access-Control-Allow-Credentials", new[] { "true" });
        return;
    }
    await next();
});

You will probably also want to keep an eye on the ongoing work to support cors within the ASP 5 framework

这篇关于MVC6 Cors - 拦截预检的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

1403页,肝出来的..

09-06 23:13