Asp.net 核心不使用 Access-Control-* 的正确标头响应预检请求 (OPTION)? [英] Asp.net core doesn't respond to preflight request (OPTION) with proper headers of Access-Control-*?
本文介绍了Asp.net 核心不使用 Access-Control-* 的正确标头响应预检请求 (OPTION)?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我在文件 startup.cs 中添加了以下代码.
I've added the following code in the file startup.cs.
在方法中:ConfigureServices:
public void ConfigureServices(IServiceCollection services)
{
services.AddApplicationInsightsTelemetry(Configuration);
var connection = Configuration.GetConnectionString("DefaultConnection");
services.AddDbContext<Models.StaticDataContext>(options => options.UseSqlServer(connection));
services.AddMvc(o => {});
services.AddOptions();
services.Configure<AppSettings>(Configuration.GetSection("AppSettings"));
services.AddCors(o=> { o.AddPolicy("AllowSpecificOrigin", b => b.WithOrigins("*")); });
// Tried it without any parameter
// services.AddCors();
}
在方法中:配置:
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
loggerFactory.AddNLog();
env.ConfigureNLog("nlog.config");
app.UseCors(builder => builder.AllowAnyOrigin().AllowAnyHeader());
app.UseApplicationInsightsRequestTelemetry();
app.UseApplicationInsightsExceptionTelemetry();
app.UseMvc();
}
但是它不返回Access-Control-*的标题?
OPTIONS http://localhost:5001/api/Deal2 HTTP/1.1
Host: localhost:5001
Connection: keep-alive
Access-Control-Request-Method: PUT
Origin: http://localhost:8082
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36
Access-Control-Request-Headers: content-type
Accept: */*
Referer: http://localhost:8082/
Accept-Encoding: gzip, deflate, sdch, br
Accept-Language: en-US,en;q=0.8
来自 fiddler 的原始响应.
The raw response got from fiddler.
HTTP/1.1 204 No Content
Date: Sun, 27 Nov 2016 23:32:31 GMT
Server: Kestrel
下面应该有一些标题吗?
And there should be some headers of the following?
Access-Control-Allow-Origin: YOUR_DOMAIN
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: YOUR_CUSTOM_HEADERS
推荐答案
不确定这是否是您的问题,但可能会有所帮助.
Not sure if this is your problem, but it might help.
IIS 需要处理 ASP.NET Core 的预检选项请求.有关于这个的更多信息 发布.
IIS needs to handle the preflight OPTION requests for ASP.NET Core. There is more information on this post.
我在最后的回答并展示了如何启用 IIS 来处理这些请求.
My answer at the end and shows how to enable IIS to handle these requests.
这篇关于Asp.net 核心不使用 Access-Control-* 的正确标头响应预检请求 (OPTION)?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
