如何在不使用C#进行任何身份验证的情况下使用WebAp2 [英] How to consume WebAp2 without any authentication in C#
问题描述
Dearl全部我是WebAPI2的新手.我想使用JSON格式的函数使用数据,但抛出错误 StatusCode:403,ReasonPhrase:"ModSecurity Action" .我可以直接从浏览器中使用,但不能从HttpClient中使用.没有实现安全性.
Dearl All I am new to WebAPI2. I want to consume data from a function in JSON format but throwing error StatusCode: 403, ReasonPhrase: 'ModSecurity Action'. I can consume directly from browser but can not from HttpClient. No security implemented.
在本地服务器上可以正常工作,但是在远程共享服务器上会出现上述错误.APIURL. http://api.owncircles.com/api/Circles/Education/Questions/getAns/2012460157
Working perfect on local server but above error throws on remote shared server. APIURL. http://api.owncircles.com/api/Circles/Education/Questions/getAns/2012460157
API功能代码.
[HttpGet()]
[AllowAnonymous]
[Route("~/api/Circles/Education/Questions/getAns/{quesID}")]
public IHttpActionResult getAns(string quesID)
{
IQuestions objQuestion = Questions.getInatance();
var qtn = objQuestion.getAns(quesID);
return Json(qtn);
}
客户端
[AllowAnonymous]
public async Task<ActionResult> checkAns(string id)
{
string url = common.apiURL + "Circles/Education/Questions/getAns/"+id;
//HttpClient client = new HttpClient(new HttpClientHandler() {UseDefaultCredentials = true });
HttpClient client = new HttpClient();
// client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue(Constants.));
// client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("");
// client.DefaultRequestHeaders.Authorization = null;
client.BaseAddress = new Uri(url);
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
ent_QuestionsDetails Questions = null;
var response = await client.GetAsync(url);
if (response.IsSuccessStatusCode)
{
Questions = response.Content.ReadAsAsync<ent_QuestionsDetails>().Result;
}
OC.Models.mod_Questions objModel = new OC.Models.mod_Questions();
objModel.questionID = Questions.questionID;
objModel.questions = Questions.questions;
objModel.questionOptions = Questions.questionOptions;
return View(objModel);
}
推荐答案
似乎是您的用户代理,如果省略了该请求,该请求将被拒绝.如果您模仿标头中的chrome用户代理值,则请求将成功.这是一个独立的工作示例:
It seems its your user agent, when this is omitted the request is rejected. If you mimic the chrome user agent value in the header the request will succeed. Here is a self contained working example:
请注意,此示例不使用等待/异步,因为它已在控制台应用程序中进行了测试
using (HttpClient client = new HttpClient())
{
client.BaseAddress = new Uri("http://api.owncircles.com/");
client.DefaultRequestHeaders.Clear();
client.DefaultRequestHeaders.Accept.ParseAdd("application/json");
client.DefaultRequestHeaders.UserAgent.ParseAdd("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36");
var result = client.GetAsync("api/Circles/Education/Questions/getAns/2012460157").Result;
if(result.IsSuccessStatusCode)
Console.Write(result.Content.ReadAsStringAsync().Result);
else
Console.Write("fail");
}
话虽这么说,但我不知道您在用户代理上对API服务器端进行哪种检查会拒绝请求.
That being said I do not know what kind of check you have API server side on the user agent that it would reject a request.
这篇关于如何在不使用C#进行任何身份验证的情况下使用WebAp2的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!