阿贾克斯JSON岗位控制器跨域,"不&QUOT允许的;访问控制 - 允许 - 头 [英] Ajax json post to Controller across domains, "not allowed by" Access-Control-Allow-Headers
问题描述
我创建了一个简单的MVC控制器的行动,需要一些JSON数据 - 然后返回true或false。
I create a simple MVC Controller action, that takes some json data - then return true or false.
[AllowCrossSiteJson]
public JsonResult AddPerson(Person person)
{
//do stuff with person object
return Json(true);
}
我把它从JavaScript:
I call it from javascript:
function saveData(person) {
var json = $.toJSON(person); //converts person object to json
$.ajax({
url: "http://somedomain.com/Ajax/AddPerson",
type: 'POST',
dataType: 'json',
data: json,
contentType: 'application/json; charset=utf-8',
success: function (data) {
alert("ok");
}
});
}
一切,只要我在同一个域,但只要我从另一个域调用它,我遇到问题的工作。
Everything works as long as I am on the same domain, but as soon as I call it from another domain, I run into problems.
在控制器的动作过滤器AllowCrossSiteJson,设置页眉访问控制 - 允许 - 产地为*,允许任何来源访问控制器动作。
On the controller is an action filter "AllowCrossSiteJson" that sets the header "Access-Control-Allow-Origin" to "*", allowing any origin to access the controller action.
public class AllowCrossSiteJsonAttribute : ActionFilterAttribute
{
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
filterContext.RequestContext.HttpContext.Response.AddHeader("Access-Control-Allow-Origin", "*");
base.OnActionExecuting(filterContext);
}
}
不过 - 然后我得到这个错误的萤火虫,跨域调用时:
However - I then get this error in firebug, when calling across domains:
选项<一href="http://somedomain.com/Ajax/AddPerson?packageId=3">http://somedomain.com/Ajax/AddPerson?packageId=3 500内部服务器错误) XMLHtt prequest无法加载 http://somedomain.com/Ajax/AddPerson 。请求头字段内容类型不受访问控制 - 允许 - 头不允许的。
OPTIONS http://somedomain.com/Ajax/AddPerson?packageId=3 500 (Internal Server Error) XMLHttpRequest cannot load http://somedomain.com/Ajax/AddPerson. Request header field Content-Type is not allowed by Access-Control-Allow-Headers.
什么是错在这里?
我一直在寻找通过几个小时可能的解决方案,而且似乎有什么东西做使用jQuery的选项(而不是岗位作为我期望的那样)。
I have been looking through possible solutions for hours, and it seems to be something to do with jquery using OPTIONS (not POST as I would expect).
如果这确实是问题,我怎么能解决呢?
If that is indeed the problem, how can I fix that?
推荐答案
我建议你 JSONP ,它的只有真正的跨浏览器和跨域AJAX可靠的解决方案。所以,你可以通过编写自定义操作结果将包装与回调JSON响应启动:
I'd recommend you JSONP, it's the only really cross browser and reliable solution for cross domain AJAX. So you could start by writing a custom action result that will wrap the JSON response with a callback:
public class JsonpResult : ActionResult
{
private readonly object _obj;
public JsonpResult(object obj)
{
_obj = obj;
}
public override void ExecuteResult(ControllerContext context)
{
var serializer = new JavaScriptSerializer();
var callbackname = context.HttpContext.Request["callback"];
var jsonp = string.Format("{0}({1})", callbackname, serializer.Serialize(_obj));
var response = context.HttpContext.Response;
response.ContentType = "application/json";
response.Write(jsonp);
}
}
然后:
public ActionResult AddPerson(Person person)
{
return new JsonpResult(true);
}
和最后执行跨域AJAX调用:
and finally perform the cross domain AJAX call:
$.ajax({
url: 'http://somedomain.com/Ajax/AddPerson',
jsonp: 'callback',
dataType: 'jsonp',
data: { firstName: 'john', lastName: 'smith' },
success: function (result) {
alert(result);
}
});
这篇关于阿贾克斯JSON岗位控制器跨域,&QUOT;不&QUOT允许的;访问控制 - 允许 - 头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!