C#的Web API和CORS启用和可怕否“访问控制允许来源”标头的请求的资源present [英] c# Web Api with CORS Enabled and the dreaded No 'Access-Control-Allow-Origin' header is present on the requested resource
问题描述
我有一个C#的Web API项目。我创建了使用Web API 2标准的控制器。我想只有一个动作使CORS,这是我有:
I have a C# Web API project. I created a Controller using the Web API 2 standard. I am trying to enable CORS on only one action, this is what I have:
namespace MyProject.Controllers
{
public class MyControllerController : ApiController
{
// POST api/mycontroller
[EnableCors("http://link.myurl.com", "*", "*")]
public bool Post(MyCustomObject customObject)
{
// Function that returns Bool
return myFunction(customObject);
}
}
}
我WebApiConfig.cs看起来是这样的:
My WebApiConfig.cs looks like this:
// Web API configuration and services
config.EnableCors();
// Web API routes
config.MapHttpAttributeRoutes();
config.Routes.MapHttpRoute(
name: "DefaultApi",
routeTemplate: "api/{controller}/{id}",
defaults: new { id = RouteParameter.Optional }
);
// Ignore Null values on JSON Returns
config.Formatters.JsonFormatter.SerializerSettings = new JsonSerializerSettings { NullValueHandling = NullValueHandling.Ignore };
config.Formatters.JsonFormatter.SerializerSettings = new JsonSerializerSettings { DefaultValueHandling = DefaultValueHandling.Ignore };
下面是跨域AJAX调用:
Here is the Cross-Domain AJAX call:
$.ajax({
type: "POST",
url: 'http://myurl.com/api/mycontroller',
data: JSON.stringify({ Type: 'TextHere', OtherInfo: 'TextHere' }),
contentType: "application/json",
success: function (data) {
}
});
根据关教程像这样的:<一href=\"http://www.asp.net/web-api/overview/security/enabling-cross-origin-requests-in-web-api#how-it-works\" rel=\"nofollow\">http://www.asp.net/web-api/overview/security/enabling-cross-origin-requests-in-web-api#how-it-works,我应该拥有的一切正确设置。
Based off tutorials such as this one: http://www.asp.net/web-api/overview/security/enabling-cross-origin-requests-in-web-api#how-it-works, I should have everything properly setup.
我继续得到以下错误在Chrome中:
I continue to get the following error in Chrome:
XMLHtt prequest无法加载 http://myurl.com/api/mycontroller 。没有
访问控制允许来源标头present的要求
资源。因此出身 http://link.myurl.com '是不允许的
访问。
XMLHttpRequest cannot load http://myurl.com/api/mycontroller. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://link.myurl.com' is therefore not allowed access.
当我看看使用招的电话,我注意到pre-航班始发地检查经过精细与状态200,但是当实际调用时返回500。
When I take a look at the calls using Fiddler, I notice that the Pre-flight Origin check goes through fine with Status 200, but when the actual call is made it returns 500.
有趣的是,交易被提交到数据库,即使调用失败。这几乎就像在pre-航班始发地检查通过时,它应该只检查允许原产code运行。
我试着加入以下的web.config:
I've tried adding the following to web.config:
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="http://link.myurl.com" />
</customHeaders>
</httpProtocol>
<system.webServer>
如果我离开[EnableCors]行,然后我得到这两个值指定一个错误(的http://链接。 myurl.com )时只能有一个。如果我删除[EnabledCors]行,我得到原来的错误。
If I leave the [EnableCors] line, then I get an error that two values are specified (http://link.myurl.com) when there can only be one. If I remove the [EnabledCors] line, I get the original error.
如果您已经不能说,我不知所措就在这里。具有讽刺意味的是工作(数据库操作正在实施),但浏览器认为它不工作,从来没有接受JSON返回数据。
If you can't already tell, I'm at a loss here. Ironically it is working (database actions being committed), but the browser thinks its not working and never accepts the JSON return data.
帮助?
推荐答案
我不知道为什么,这周围的工作这段时间,但我得到了它的工作。主要的区别可能是我安装使用的NuGet库:
I'm not sure why this worked this time around, but I got it working. The main difference might be the library I installed using NuGet:
微软的ASP.NET Web API 2.2跨域支持
我然后设置WebApiConfig.cs文件,如我最初的职位说明,以及我想允许它在行动上面EnableCors选项。
I then set the WebApiConfig.cs file as specified in my initial post, as well as the EnableCors option above the Action I wanted to allow it on.
我没有设置在web.config文件中任何事情。
I did NOT set anything in the web.config file.
我不再收到错误,必须有一些做的的NuGet包。
I no longer receive the error, must have something to do with the NuGet package.
这篇关于C#的Web API和CORS启用和可怕否“访问控制允许来源”标头的请求的资源present的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
