.net核心允许在使用CORS时发回错误401(而不是零) [英] .net core allowing sending back error 401 when using CORS (instead of zero)

问题描述

我的客户端JS应用实际上是401时正在接收状态代码0.
当我使用邮递员运行相同的请求时，我得到了预期的401.

My client JS app is receiving status code 0 when it is actually 401.
When I use postman for running the same request i am getting 401 as expected.

我启用了cors，如下所示:

I have enabled cors as the following:

services.AddCors(o => o.AddPolicy("cors", builder =>
            {
                builder.WithOrigins("http://localhost:4200")
                       .AllowAnyMethod()
                       .AllowAnyHeader()
                       .AllowCredentials();
            }));

....
app.UseCors("cors");

在没有身份验证问题的情况下cors正常工作(401).

The cors is working when there is no authentication problem (401).

我应该在客户端收到错误代码0，应该是401.

I am getting error code 0 in the client-side when it is supposed to be 401.

推荐答案

此错误的原因很可能是服务器和Web浏览器上的CORS的组合.

The cause of this error is a most likely a combination of CORS on your server and the web browser.

原因:我的猜测是，服务器响应中缺少某些必需的CORS标头.使用不正确的Cors标头时，浏览器返回0状态.

Cause: My guess is, some of the required CORS headers are missing from your server response. Browsers return a status of 0 when incorrect Cors headers are used.

解决方案:同样，我会猜测您正在注册中间件的顺序不正确.根据文档:

Solution: Again I will guess the order you are registering your middleware is incorrect. As per the docs:

对于端点路由，必须将CORS中间件配置为在对UseRouting和UseEndpoints的调用之间执行.不正确的配置将导致中间件停止正常运行.

With endpoint routing, the CORS middleware must be configured to execute between the calls to UseRouting and UseEndpoints. Incorrect configuration will cause the middleware to stop functioning correctly.

我会按照这样的顺序向您注册中间件(取决于您使用的中间件):

I would register you middleware in an order like so (depending on what middlewares you're using):

app.UseRouting();
app.UseCors("cors");
app.UseAuthorization();

app.UseEndpoints(endpoints =>
{
    endpoints.MapControllers();
});
...
//register app.UseMvc(); last

这篇关于.net核心允许在使用CORS时发回错误401(而不是零)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！