使用WCF启用CORS [英] enable CORS using WCF

问题描述

我正在尝试使用WCF启用CORS.但是我收到对预检请求的响应未通过访问控制检查:所请求的资源上不存在"Access-Control-Allow-Origin"标头.因此，不允许访问来源' http://localhost .响应的HTTP状态代码为404.

I'm trying to enable CORS using WCF. But I get Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access. The response had HTTP status code 404.

这是我的Global.asax

This is my Global.asax

  protected void Application_BeginRequest(object sender, EventArgs e)
    {

        HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "*");
        if (HttpContext.Current.Request.HttpMethod == "OPTIONS")
        {
            HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST");
            HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", "Content-Type, Accept");
            HttpContext.Current.Response.AddHeader("Access-Control-Max-Age", "1728000");
            HttpContext.Current.Response.End();
        }
    }

这是我的web.config

This is my web.config

    <configuration>
  <system.web>
    <compilation debug="true" targetFramework="4.0" />
  </system.web>
    <system.serviceModel>
	<bindings>
      <webHttpBinding>
        <binding name="TransportSecurity">
          <security mode="Transport">
            <transport clientCredentialType="None"/>
          </security>
        </binding>
      </webHttpBinding>
    </bindings>
      <behaviors>
        <endpointBehaviors>
          <behavior name="RESTAPI03.testAspNetAjaxBehavior">
            <webHttp />
          </behavior>
        </endpointBehaviors>
        <serviceBehaviors>
          <behavior name="RESTAPI03.testAspNetAjaxBehavior">
            <serviceMetadata httpGetEnabled="true" />
            <serviceDebug includeExceptionDetailInFaults="true" />
          </behavior>
        </serviceBehaviors>
      </behaviors>
      <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
      <services>
        <service name="RESTAPI03.test">
          <endpoint address="" behaviorConfiguration="RESTAPI03.testAspNetAjaxBehavior"
              binding="webHttpBinding" bindingConfiguration="TransportSecurity" contract="RESTAPI03.Hotels" />
        </service>        
      </services>
	  <standardEndpoints>
    <webScriptEndpoint>
      <standardEndpoint crossDomainScriptAccessEnabled="true"></standardEndpoint>
    </webScriptEndpoint>
  </standardEndpoints>
    </system.serviceModel>
    <system.webServer>
      <httpProtocol>
        <customHeaders>
          <add name="Access-Control-Allow-Origin" value="*"/>
          <add name="Access-Control-Allow-Headers" value="Content-Type, Accept" />
          <add name="Access-Control-Allow-Methods" value="POST,GET,OPTIONS" />
          <add name="Access-Control-Max-Age" value="1728000" />
        </customHeaders>
      </httpProtocol>
    </system.webServer>
  </configuration>

这是我的应用程序项目中的代码

this is code in my application project

const httpOptions = {
         headers: new HttpHeaders({
         'Access-Control-Allow-Origin' : '*'
        })
    }

    return this.httpClient.get('https://www.example/1'  httpOptions ).subscribe(data => {
         console.log("s");
         console.log(JSON.stringify(data));
      }, err => {
         console.log("err => ");
         console.log( JSON.stringify(err));
      });

但仍然无法正常工作.我错过了什么?

but still not working. What did I missed?

推荐答案

起初，我怀疑您用于创建Restful样式WCF服务的配置有问题.
请注意服务部分的 name 属性和端点部分的 contract 属性.

At first, I suspect there is something wrong with your configuration used for creating Restful style WCF service.
Pay attention to the name property of the service section and the contract property of the endpoint section.

<service name="RESTAPI03.test">
          <endpoint address="" behaviorConfiguration="RESTAPI03.testAspNetAjaxBehavior"
              binding="webHttpBinding" bindingConfiguration="TransportSecurity" contract="RESTAPI03.Hotels" />
        </service> 

服务的 name 属性应该是服务实现的类的限定名称，而 contract 属性应该是服务合同的限定名称，如下所示.

The name property of the service should be a qualified name of the service implemented class and the contract property should be a qualified name of the service contract, like this.

<service name="WcfService3.Service1" behaviorConfiguration="mybehavior">
    <endpoint address="" binding="webHttpBinding" bindingConfiguration="mybinding" contract="WcfService3.IService1" behaviorConfiguration="rest"/>
  </service>

请使用 ProtocolMapping 功能参考我的配置.它可以在 HTTP 和 HTTPS 协议上运行，并且不管您签订任何服务合同都支持您的服务.

Please refer to my configuration with the ProtocolMapping feature. It works on both HTTP and HTTPS protocol and supports your service irrespective of any service contract.

 <system.serviceModel>
    <bindings>
      <webHttpBinding>
        <binding name="httpsbinding">
          <security mode="Transport">
            <transport clientCredentialType="None"></transport>
          </security>
        </binding>
      </webHttpBinding>
    </bindings>
    <behaviors>
      <serviceBehaviors>
        <behavior>
          <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true" />
        </behavior>
      </serviceBehaviors>
      <endpointBehaviors>
        <behavior>
          <webHttp />
        </behavior>
      </endpointBehaviors>
    </behaviors>
    <serviceHostingEnvironment aspNetCompatibilityEnabled="true" />
    <protocolMapping>
      <add binding="webHttpBinding" scheme="http"></add>
      <add binding="webHttpBinding" scheme="https" bindingConfiguration="httpsbinding"/>
    </protocolMapping>
  </system.serviceModel>

其次，通常有两种方法可以在Restful WCF服务中启用 CORS .
1.将 global.asax 文件添加到WCF项目中，并添加以下代码 Application_BeginRequest 事件的摘要.

Secondly, there usually are two ways to enable CORS in Restful WCF service.
1. Add a global.asax file to the WCF project and the below code snippets to Application_BeginRequest event.

protected void Application_BeginRequest(object sender, EventArgs e)
        {
            HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "*");
            if (HttpContext.Current.Request.HttpMethod == "OPTIONS")
            {
                HttpContext.Current.Response.AddHeader("Cache-Control", "no-cache");
                HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
                HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", "Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With,Accept");
                HttpContext.Current.Response.AddHeader("Access-Control-Max-Age", "1728000");
                HttpContext.Current.Response.End();
            }
        }

1. 添加 global.asax 文件并修改 Application_BeginRequest 事件.

1. Adding a global.asax file and modify the Application_BeginRequest event.

if (Request.Headers.AllKeys.Contains("Origin") && Request.HttpMethod == "OPTIONS")
                {
                    Response.End();
                }

随后，将以下配置添加到Web.config文件中.

Subsequently, add the following configuration to the Web.config file.

   <httpProtocol>
      <customHeaders>
        <add name="Access-Control-Allow-Origin" value="*"/>
        <add name="Access-Control-Allow-Headers" value="content-type" />
        <add name="Access-Control-Allow-Methods" value="GET,POST,PUT,DELETE,OPTIONS" />
      </customHeaders>
    </httpProtocol>
  </system.webServer>

请随时让我知道问题是否仍然存在.

Feel free to let me know if the problem still exists.

这篇关于使用WCF启用CORS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！