SignalR Core 2.2 CORS AllowAnyOrigin()重大更改 [英] SignalR Core 2.2 CORS AllowAnyOrigin() breaking change

问题描述

要通过SignalR从任何来源连接到ASP.NET Core 2.1服务器，我们必须按以下方式配置管道:

To connect via SignalR to an ASP.NET Core 2.1 server from any origin, we had to configure the pipeline as follows:

app.UseCors (
  builder => builder
   .AllowAnyHeader ()
   .AllowAnyMethod ()
   .AllowAnyOrigin ()
   .AllowCredentials ()
)

根据

According to this document, ASP.NET Core 2.2 no longer allows the combination of AllowAnyOrigin and AllowCredentials, so what would be the solution? Whereas the SignalR Core always sends withCredentials:true in the XMLHtppRequest.

我需要的是，从任何地方开始，没有凭据，我们的用户都可以连接到SignalR集线器.

What I need is that from any origin and without credentials, our users can connect to the SignalR Hub.

推荐答案

有一种解决方法，将AllowAnyOrigin更改为SetIsOriginAllowed:

There is a workaround, change AllowAnyOrigin to SetIsOriginAllowed:

app.UseCors(builder => builder
                .AllowAnyHeader()
                .AllowAnyMethod()
                .SetIsOriginAllowed(_ => true)
                .AllowCredentials()
            );

这篇关于SignalR Core 2.2 CORS AllowAnyOrigin()重大更改的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！