配置核心以允许使用ASP.NET Core(Asp.net 5,MVC6,VNext)的所有子域 [英] Configure cors to allow all subdomains using ASP.NET Core (Asp.net 5, MVC6, VNext)
问题描述
我在ASP.NET Core Web应用程序中正确设置了cors.我正在使用以下程序包...
I have cors setup correctly in an ASP.NET Core web app. Im using the following package...
"Microsoft.AspNet.Cors": "6.0.0-rc1-final"
这是startup.cs片段...
and here is the startup.cs snippet...
public virtual IServiceProvider ConfigureServices(IServiceCollection services)
{
services.AddCors
(
options =>
{
options.AddPolicy
(
CORSDefaults.PolicyName,
builder =>
{
//From config...
var allowedDomains = new []{"http://aaa.somewhere.com","https://aaa.somewhere.com","http://bbb.somewhere.com","https://bbb.somewhere.com"};
//Load it
builder
.WithOrigins(allowedDomains)
.AllowAnyHeader()
.AllowAnyMethod()
.AllowCredentials();
}
);
}
);
}
这很好用,只不过允许的子域列表增长很快,而我想允许"somewhere.com"的所有子域.类似于"* .somewhere.com".我似乎在新的ASP.NET Core(MVC6,ASP.NET5,VNext)中找不到有关如何执行此操作的任何文档.我发现的所有文档/示例都演示了如何执行此操作,这些文档/示例适用于MVC或WebApi的早期版本.如何在新堆栈中实现这一目标?
This works great except that the list of subdomains to allow is growing fast and I want to allow all subdomains of "somewhere.com". Something like "*.somewhere.com". I cant seem to find any documentation on how to do this in the new ASP.NET Core (MVC6, ASP.NET5, VNext). All the docs/examples I'm finding that demonstrate how to do this are for earlier versions of MVC or WebApi. How can I achieve this in the new stack?
推荐答案
现在已在2.0.0版中实现.在您的ConfigureServices中,使用以下命令:
This has now been implemented in version 2.0.0. In your ConfigureServices use the following:
options.AddPolicy("MyCorsPolicy",
builder => builder
.SetIsOriginAllowedToAllowWildcardSubdomains()
.WithOrigins("https://*.mydomain.com")
.AllowAnyMethod()
.AllowCredentials()
.AllowAnyHeader()
.Build()
);
此外,不要忘记在您的Configure通话中也致电UseCors:
Also, don't forget to call UseCors in your Configure call too:
app.UseCors("MyCorsPolicy");
这篇关于配置核心以允许使用ASP.NET Core(Asp.net 5,MVC6,VNext)的所有子域的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
