"Access-Control-Allow-Origin"标头包含多个值"*，*"，但只允许一个 [英] The 'Access-Control-Allow-Origin' header contains multiple values '*, *', but only one is allowed

问题描述

我正在使用Angular和ASP.NET API.我面临的问题:当我在API代码中添加CORS时，它可以在Internet Explorer上运行，但不能在Chrome和Firefox上运行.

I'm using Angular and ASP.NET API. The issue I'm facing: when I add CORS in the API code, it works on Internet Explorer but does not work on Chrome and Firefox.

这是错误:

XMLHttpRequest无法加载 http://localhost:41028/api/values/abc .这 "Access-Control-Allow-Origin"标头包含多个值"*，*"， 但只允许一个.因此，来源' http://localhost:44796 '是 不允许访问.

XMLHttpRequest cannot load http://localhost:41028/api/values/abc. The 'Access-Control-Allow-Origin' header contains multiple values '*, *', but only one is allowed. Origin 'http://localhost:44796' is therefore not allowed access.

这是我在web.config文件中添加的代码:

This is the code I added in the web.config file:

<system.webServer>
...
<httpProtocol>
  <customHeaders>
      <!-- Adding the following custom HttpHeader will help prevent CORS errors -->
      <add name="Access-Control-Allow-Origin" value="*" />
      <add name="Access-Control-Allow-Headers" value="Content-Type" />
  </customHeaders>
</httpProtocol>
...
</system.webServer>

在WebApiConfigFile.cs文件中，我添加了:

var CorsAttribute = new EnableCorsAttribute("* ","* ", "* ");
        config.EnableCors(CorsAttribute);

我第一次使用CORS.任何帮助将不胜感激.

I'm using CORS for the first time. Any help will be appreciated.

推荐答案

您两次设置了CORS.我认为这就是问题所在.

You are setting CORS twice. I think that is the issue.

请删除任何一项CORS设置.您可以从web.config或WebApiConfigFile.cs删除它.

Please remove any one CORS settings. You can either remove it from web.config or from WebApiConfigFile.cs.

这篇关于"Access-Control-Allow-Origin"标头包含多个值"*，*"，但只允许一个的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！