角.net核心api cors预检请求错误 [英] angular .net core api cors preflight request error

问题描述

我无法使cors使用角.net core 2.1，但出现此错误：

I am unable to make cors work angular .net core 2.1 I get this error:

在' https：//dev...SaveAPP '来自来源' https：/ / page 已被CORS政策阻止：对飞行前请求的响应未通过访问控制检查：飞行前请求不允许重定向。

Access to XMLHttpRequest at 'https://dev...SaveAPP' from origin 'https://page' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.

这是我的startup.cs

this is my startup.cs

public void ConfigureServices(IServiceCollection services)
{
    services.AddCors(options =>
    {
        options.AddPolicy("AllowAll",
            builder => builder.WithOrigins("http://localhost:4200", "https://e.corpintra.net", "https://specit-dtna-dev.e.corpintra.net", "https://specit-dtna.e.corpintra.net", "https://specit-dtna-test.e.corpintra.net")
                                  .AllowAnyMethod()
                                  .WithExposedHeaders("content-disposition")
                                  .AllowAnyHeader()
                                  .AllowCredentials()
                                  .SetPreflightMaxAge(TimeSpan.FromSeconds(3600)));
    });

    services.Configure<MvcOptions>(options =>
    {
        options.Filters.Add(new CorsAuthorizationFilterFactory("AllowAll"));
    });

    services.AddMvc().AddJsonOptions(options => options.SerializerSettings.ContractResolver = new DefaultContractResolver());
    services.AddAuthentication(IISDefaults.AuthenticationScheme);
}

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }

    if (env.IsProduction() || env.IsStaging())
    {
        app.UseExceptionHandler("/Error");
    }
    // app.UseCorsMiddleware();
    app.UseCors("AllowAll");
    //    app.UseCors(builder =>
    //          builder.WithOrigins("http://localhost:4200", "http://localhost:5000")
    //.AllowAnyOrigin()
    //.AllowAnyHeader()
    //.AllowAnyMethod());

    app.UseMvc();
}

来自角度我正在使用拦截器

from angular I am using an interceptor

intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {

    request = request.clone({
      withCredentials: true
    });
    return next.handle(request);
}

我的api同时启用了Windows身份验证和匿名身份验证。

my api is both windows authentication and anonymous authentication enabled.

这是在Intranet上。

this is on an intranet.

推荐答案

（已解决）我得到了类似的答案尝试将 Tour of Heroes Angular 7演示转换为对远程MySQL DB进行REST调用时发生错误。我什至尝试将Apache服务器移动到本地计算机上：

(SOLVED) I had been getting a similar error while trying to convert the Tour of Heroes Angular 7 Demo to make REST calls to a remote MySQL DB. I had even tried moving the Apache server to my local machine:

通过' http：// localhost / angular-php-app / backend '来自来源' http：// localhost：4200 已被CORS政策阻止：对预检请求的响应未通过访问控制检查：预检请求不允许重定向。

Access to XMLHttpRequest at 'http://localhost/angular-php-app/backend' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.

解决方案，我在这里找到它-> http：//blog.wsoft .se / category / tips-tricks /

The SOLUTION, I found it here -> http://blog.wsoft.se/category/tips-tricks/

这是我在我的角度应用程序中所做的事情：

Here is what I did within my angular app:

/tour-of-heroes-mysql>npm install -g cors-proxy-server

...Roaming\npm\cors-proxy-server -> ...Roaming\npm\node_modules\cors-proxy-server\index.js
+ cors-proxy-server@1.0.2
added 8 packages from 10 contributors in 2.376s

启动它

Started it up

tour-of-heroes-mysql>HOST=127.0.0.1 PORT=9090 cors-proxy-server &
[1] 17172
/tour-of-heroes-mysql>[Sun Jan 27 2019 10:52:13 GMT-0500 (Eastern Standard Time)] - CORS Proxy Server started on 127.0.0.1:9090

编辑heroes.service以更改URL以包括代理

edit heroes.service to change the URL to include the proxy

    private heroesUrl = 'http://localhost/angular-php-app/backend';  // URL to web api
-->  private heroesUrl = 'http://localhost:9090/http://localhost/angular-php-app/backend'

保存了更改并开始工作！!!!

注意： PUT操作存在一些问题，不确定代理是否正确处理了这些操作。发现这是使用CHROME的更好解决方案，只需通过将目标上的Windows属性调整为以下方式来禁用检查：

Saved the changes and IT WORKED!!!!

NOTE: Had some problems with "PUT" operations, not sure if the proxy was handling those properly. Found this as a better solution using CHROME, just disable the check by adjusting the Windows Properties on the target, to this:

 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --disable-web-security --user-data-dir="C:/ChromeDevSession"

（注意-启动CHROME时会收到不支持警告，但它可以工作。在您的特殊快捷方式上桌面，仅用于测试）

(NOTE - you will get a warning 'unsupported' when you start CHROME, but it works. Make a special shortcut on your desktop, use ONLY FOR TESTING)

这篇关于角.net核心api cors预检请求错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！