对预检请求的响应未通过访问控制检查

对预检请求的响应未通过访问控制检查

本文介绍了对预检请求的响应未通过访问控制检查:响应中"Access-Control-Allow-Credentials"标头的值为“的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在使用Angle 6和asp.net核心上的SignalR功能.但是请继续获取此错误对预检请求的响应未通过访问控制检查:响应中"Access-Control-Allow-Credentials"标头的值为",当请求的凭据为真时,该值必须为"true"模式为包含".

进行了一些研究,发现这是服务器端的CORS问题.因此修改了服务器代码.

startup.cs

  public void ConfigureServices(IServiceCollection服务){services.AddCors(o => o.AddPolicy("CorsPolicy",builder =>{builder.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader().WithOrigins("http://localhost:4200");}));services.AddSignalR();}公共无效配置(IApplicationBuilder应用程序,IHostingEnvironment env){app.UseCors("CorsPolicy");app.UseSignalR(routes =>{route.MapHub&SignalR>("/rule");});} 

角度应用

  ngOnInit(){this.callSignalR()}私人callSignalR():void {//设置信号R让连接=新signalR.HubConnectionBuilder().withUrl(environment.baseUrl +"/rule").build();//开始连接connection.start().then(()=> connection.invoke("updateRules",this.autheService.getCurrentuser.userId));//从服务器获取响应connection.on("updateRules",data => {console.log(data);});} 

引用

Access-Control-Allow-Origin-Angular 5

访问-响应中的Control-Allow-Credentials标头为",必须为"true"

https://github.com/aspnet/SignalR/issues/2095

https://github.com/SignalR/SignalR/issues/1694

https://github.com/aspnet/SignalR/issues/2110

解决方案

您必须允许您的cors策略使用凭据,因为signalr也在传递cookie.

  public void ConfigureServices(IServiceCollection服务){services.AddCors(o => o.AddPolicy("CorsPolicy",builder =>{builder.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader().AllowCredentials().WithOrigins("http://localhost:4200");}));services.AddSignalR();} 

I, am using the SignalR features on angular 6 and asp.net core. But keep getting this error Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'.

Did some research and found that it is CORS issue from the server side.So modified the server code.

startup.cs

public void ConfigureServices(IServiceCollection services)
        {
    services.AddCors(o => o.AddPolicy("CorsPolicy", builder =>
                {
                    builder.AllowAnyOrigin()
                           .AllowAnyMethod()
                           .AllowAnyHeader()
                           .WithOrigins("http://localhost:4200");
                }));
     services.AddSignalR();
}

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
        {
         app.UseCors("CorsPolicy");
         app.UseSignalR(routes =>
            {
                routes.MapHub<SignalR>("/rule");
            });
}

angular app

ngOnInit() {
this.callSignalR()
}

    private callSignalR(): void {
        // set up the signal R
        let connection = new signalR.HubConnectionBuilder().withUrl(environment.baseUrl+"/rule").build();
        //start the connection
        connection.start().then(() => connection.invoke("updateRules", this.autheService.getCurrentuser.userId));
        //Get the response from the server
        connection.on("updateRules", data => {console.log(data);});
      }

references

Access-Control-Allow-Origin - Angular 5

'Access-Control-Allow-Credentials' header in the response is '' which must be 'true'

https://github.com/aspnet/SignalR/issues/2095

https://github.com/SignalR/SignalR/issues/1694

https://github.com/aspnet/SignalR/issues/2110

解决方案

You must allow credentials for your cors-policy because signalr is passing cookies as well.

public void ConfigureServices(IServiceCollection services)
        {
    services.AddCors(o => o.AddPolicy("CorsPolicy", builder =>
                {
                    builder.AllowAnyOrigin()
                           .AllowAnyMethod()
                           .AllowAnyHeader()
                           .AllowCredentials()
                           .WithOrigins("http://localhost:4200");
                }));
     services.AddSignalR();
}

这篇关于对预检请求的响应未通过访问控制检查:响应中"Access-Control-Allow-Credentials"标头的值为“的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-15 22:55