角.net核心api cors预检请求错误 [英] angular .net core api cors preflight request error
问题描述
我无法使cors使用角.net core 2.1,但出现此错误:
I am unable to make cors work angular .net core 2.1 I get this error:
在' https://dev...SaveAPP '来自来源' https:/ / page 已被CORS政策阻止:对飞行前请求的响应未通过访问控制检查:飞行前请求不允许重定向。
Access to XMLHttpRequest at 'https://dev...SaveAPP' from origin 'https://page' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
这是我的startup.cs
this is my startup.cs
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(options =>
{
options.AddPolicy("AllowAll",
builder => builder.WithOrigins("http://localhost:4200", "https://e.corpintra.net", "https://specit-dtna-dev.e.corpintra.net", "https://specit-dtna.e.corpintra.net", "https://specit-dtna-test.e.corpintra.net")
.AllowAnyMethod()
.WithExposedHeaders("content-disposition")
.AllowAnyHeader()
.AllowCredentials()
.SetPreflightMaxAge(TimeSpan.FromSeconds(3600)));
});
services.Configure<MvcOptions>(options =>
{
options.Filters.Add(new CorsAuthorizationFilterFactory("AllowAll"));
});
services.AddMvc().AddJsonOptions(options => options.SerializerSettings.ContractResolver = new DefaultContractResolver());
services.AddAuthentication(IISDefaults.AuthenticationScheme);
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
if (env.IsProduction() || env.IsStaging())
{
app.UseExceptionHandler("/Error");
}
// app.UseCorsMiddleware();
app.UseCors("AllowAll");
// app.UseCors(builder =>
// builder.WithOrigins("http://localhost:4200", "http://localhost:5000")
//.AllowAnyOrigin()
//.AllowAnyHeader()
//.AllowAnyMethod());
app.UseMvc();
}
来自角度我正在使用拦截器
from angular I am using an interceptor
intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
request = request.clone({
withCredentials: true
});
return next.handle(request);
}
我的api同时启用了Windows身份验证和匿名身份验证。
my api is both windows authentication and anonymous authentication enabled.
这是在Intranet上。
this is on an intranet.
推荐答案
(已解决)我得到了类似的答案尝试将 Tour of Heroes Angular 7演示转换为对远程MySQL DB进行REST调用时发生错误。我什至尝试将Apache服务器移动到本地计算机上:
(SOLVED) I had been getting a similar error while trying to convert the Tour of Heroes Angular 7 Demo to make REST calls to a remote MySQL DB. I had even tried moving the Apache server to my local machine:
通过' http:// localhost / angular-php-app / backend '来自来源' http:// localhost:4200 已被CORS政策阻止:对预检请求的响应未通过访问控制检查:预检请求不允许重定向。
Access to XMLHttpRequest at 'http://localhost/angular-php-app/backend' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
解决方案,我在这里找到它-> http://blog.wsoft .se / category / tips-tricks /
The SOLUTION, I found it here -> http://blog.wsoft.se/category/tips-tricks/
这是我在我的角度应用程序中所做的事情:
Here is what I did within my angular app:
/tour-of-heroes-mysql>npm install -g cors-proxy-server
...Roaming\npm\cors-proxy-server -> ...Roaming\npm\node_modules\cors-proxy-server\index.js
+ cors-proxy-server@1.0.2
added 8 packages from 10 contributors in 2.376s
启动它
Started it up
tour-of-heroes-mysql>HOST=127.0.0.1 PORT=9090 cors-proxy-server &
[1] 17172
/tour-of-heroes-mysql>[Sun Jan 27 2019 10:52:13 GMT-0500 (Eastern Standard Time)] - CORS Proxy Server started on 127.0.0.1:9090
编辑heroes.service以更改URL以包括代理
edit heroes.service to change the URL to include the proxy
private heroesUrl = 'http://localhost/angular-php-app/backend'; // URL to web api
--> private heroesUrl = 'http://localhost:9090/http://localhost/angular-php-app/backend'
保存了更改并开始工作!!!!
注意: PUT操作存在一些问题,不确定代理是否正确处理了这些操作。发现这是使用CHROME的更好解决方案,只需通过将目标上的Windows属性调整为以下方式来禁用检查:
Saved the changes and IT WORKED!!!!
NOTE: Had some problems with "PUT" operations, not sure if the proxy was handling those properly. Found this as a better solution using CHROME, just disable the check by adjusting the Windows Properties on the target, to this:
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --disable-web-security --user-data-dir="C:/ChromeDevSession"
(注意-启动CHROME时会收到不支持警告,但它可以工作。在您的特殊快捷方式上桌面,仅用于测试)
(NOTE - you will get a warning 'unsupported' when you start CHROME, but it works. Make a special shortcut on your desktop, use ONLY FOR TESTING)
这篇关于角.net核心api cors预检请求错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!