问题描述
我试图以这种方式在.NET Core中启用CORS:
I am trying to enable CORS in .NET Core in this way:
public IConfigurationRoot Configuration { get; }
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(options => options.AddPolicy("AllowAll", p => p.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()));
services.AddMvc();
}
public void Configure(IApplicationBuilder app)
{
app.UseCors("AllowAll");
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller=Home}/{action=Index}/{id?}");
});
}
}
但是,当我发送使用Angular 2对我的应用程序的请求我得到了著名的
However, when I am sending a request to my app with Angular 2 I am getting the famous
错误消息。
I我也使用Windows身份验证+ WebListener。
如果我要与邮递员联系,则唯一的响应标头是:
I am also using Windows Authentication + WebListener.If I am checking with postman the only response headers are:
因此仍然必须配置一些错误。有建议吗?
So there must be still something wrong configured. Any proposals?
如果我删除了注释过的行,则可以,但是我需要Windows身份验证:-(
If I remove the outcommented line it works, but I need Windows Authentication :-(
var host = new WebHostBuilder()
.UseWebListener()
.UseContentRoot(Directory.GetCurrentDirectory())
.UseIISIntegration()
.UseStartup<Startup>()
//.UseWebListener(options => options.Listener.AuthenticationManager.AuthenticationSchemes = AuthenticationSchemes.NTLM)
.Build();
推荐答案
假设您已回答问题,但出于对搜索者的利益,我对该标准也遇到了同样的问题上的教程。
Assume you have the answer, but for the benefit of searchers, I had the same problem with the standard tutorial on .NET Core Cors.
遇到的许多错误之一:
在玩了之后,以下代码起作用了。
After playing around, the following code worked. Full class posted below to aid understanding of what goes where.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Logging;
using Microsoft.EntityFrameworkCore;
using Microsoft.AspNetCore.Cors.Infrastructure;
namespace NetCoreWebApiTesting
{
public class Startup
{
public Startup(IHostingEnvironment env)
{
var builder = new ConfigurationBuilder()
.SetBasePath(env.ContentRootPath)
.AddJsonFile("appsettings.json", optional: true, reloadOnChange: true)
.AddJsonFile($"appsettings.{env.EnvironmentName}.json", optional: true);
if (env.IsEnvironment("Development"))
{
// This will push telemetry data through Application Insights pipeline faster, allowing you to view results immediately.
builder.AddApplicationInsightsSettings(developerMode: true);
}
builder.AddEnvironmentVariables();
Configuration = builder.Build();
}
public IConfigurationRoot Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container
public void ConfigureServices(IServiceCollection services)
{
// Add framework services.
services.AddApplicationInsightsTelemetry(Configuration);
services.AddMvc().AddJsonOptions(options => options.SerializerSettings.ReferenceLoopHandling =
Newtonsoft.Json.ReferenceLoopHandling.Ignore);
// ********************
// Setup CORS
// ********************
var corsBuilder = new CorsPolicyBuilder();
corsBuilder.AllowAnyHeader();
corsBuilder.AllowAnyMethod();
corsBuilder.AllowAnyOrigin(); // For anyone access.
//corsBuilder.WithOrigins("http://localhost:56573"); // for a specific url. Don't add a forward slash on the end!
corsBuilder.AllowCredentials();
services.AddCors(options =>
{
options.AddPolicy("SiteCorsPolicy", corsBuilder.Build());
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
app.UseApplicationInsightsRequestTelemetry();
app.UseApplicationInsightsExceptionTelemetry();
app.UseMvc();
// ********************
// USE CORS - might not be required.
// ********************
app.UseCors("SiteCorsPolicy");
}
}
}
要使用它,您可以添加 EnableCorsAttribute 在控制器或方法上。例如
To use it you can add the EnableCorsAttribute either on the controller or on the method. e.g.
[EnableCors("SiteCorsPolicy")]
[Route("api/[controller]")]
public class BlogsController : Controller
{
}
或
// POST api/value
[EnableCors("SiteCorsPolicy")]
[HttpPost]
public HttpResponseMessage Post([FromBody]Blog value)
{
// Do something with the blog here....
var msg = new HttpResponseMessage(System.Net.HttpStatusCode.OK);
return msg;
}
当我使用以下代码调用此代码时(使用标准js / jQuery,以便于复制和粘贴),通讯不再被拒绝。
When I called this using the following code (using standard js/jQuery for easy of copy and paste), the communication stopped being rejected.
function HandleClick() {
var entityData = {
"blogId": 2,
"url": "http://blog.com/blog1",
"posts": [
{
"postId": 3,
"title": "Post 1-1",
"content": "This is post 1 for blog 1",
"blogId": 2
},
{
"postId": 4,
"title": "Post 1-2",
"content": "This is post 2 for blog 1",
"blogId": 2
}
]
};
$.ajax({
type: "POST",
url: "http://localhost:64633/api/blogs",
async: true,
cache: false,
crossDomain: true,
data: JSON.stringify(entityData),
contentType: "application/json; charset=utf-8",
dataType: "json",
success: function (responseData, textStatus, jqXHR) {
var value = responseData;
},
error: function (responseData, textStatus, errorThrown) {
alert('POST failed.');
}
});
}
这篇关于.NET Core中的CORS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!