从.NET Core 2.2迁移到.NET Core 3.0时发生CORS问题 [英] CORS issue while migrating form .net core 2.2 to .net core 3.0

问题描述

从.net core 2.2迁移到.net core 3.0时，我遇到了cors问题

I am getting cors issue while i am migrating from .net core 2.2 to .net core 3.0

  public void Configure(IApplicationBuilder app, IHostEnvironment env, Microsoft.AspNetCore.Hosting.IApplicationLifetime applicationLifetime)
        {
            NLog.LogManager.Configuration = new NLogLoggingConfiguration(Configuration.GetSection("NLog"));
            LogManager.Configuration.Variables["connectionString"] = Encryptor.GetNLogDB();
            LogManager.Configuration.Variables["ApplicationName"] = env.ApplicationName;
            LogManager.Configuration.Variables["EnvironmentType"] = env.EnvironmentName;
            app.UseStaticFiles();
            app.UseRouting();
            app.UseCors("AllowAll");

            applicationLifetime.ApplicationStopping.Register(OnShutdown);
            applicationLifetime.ApplicationStarted.Register(OnStarted);

            app.UseAuthentication();
            app.UseAuthorization();
            app.UseLogAndExceptionHandler();

            //app.UseCors();
            //app.UseSignalR(routes =>
            //{
            //    routes.MapHub<ApplicationHub>(SignalRHub);
            //    routes.MapHub<QuillHub>(QuillHub);
            //});
            app.UseEndpoints(endpoints => {
                endpoints.MapControllers();
            });
            //app.UseMvc();

            Initialize(app);
        }

public void ConfigureServices(IServiceCollection services)
        {
services.AddCors(options =>
            {
                options.AddPolicy("AllowAll",
                    builder => builder.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader().AllowCredentials());
            });
}

在运行此程序时，我收到一条错误消息，说我不能同时使用AllowAnyOrigin和AllowCredentials，并且当我删除其中的任何一条时，CORS策略已阻止了运行时错误:对预检请求的响应未通过访问控制检查:当请求的凭据模式为"include"时，响应中"Access-Control-Allow-Origin"标头的值不得为通配符"*".XMLHttpRequest发起的请求的凭据模式由withCredentials属性控制.

While running this i am getting an error saying i cant use AllowAnyOrigin and AllowCredentials together and when i remove any of those i get run time error has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.

我想允许所有起源.

推荐答案

基于尝试使用 SetIsOriginAllowed 作为解决方法

services.AddCors(options =>
        {
            options.AddPolicy("AllowAll",
                builder => builder.AllowAnyMethod()
                                  .AllowAnyHeader()
                                  .SetIsOriginAllowed(_ => true)
                                  .AllowCredentials());
        });

这篇关于从.NET Core 2.2迁移到.NET Core 3.0时发生CORS问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！