“Access-Control-Allow-Origin"标头包含多个值 [英] The 'Access-Control-Allow-Origin' header contains multiple values
问题描述
我在客户端使用 AngularJS $http 来访问服务器端的 ASP.NET Web API 应用程序的端点.由于客户端与服务器托管在不同的域中,因此我需要 CORS.它适用于 $http.post(url, data).但是一旦我对用户进行身份验证并通过 $http.get(url) 发出请求,我就会收到消息
<前>'Access-Control-Allow-Origin' 标头包含多个值 'http://127.0.0.1:9000, http://127.0.0.1:9000',但只允许一个.因此,不允许访问源http://127.0.0.1:9000".Fiddler 告诉我,在成功的选项请求之后,get 请求中确实有两个标头条目.我在什么地方做错了什么?
更新
当我使用 jQuery $.get 而不是 $http.get 时,会出现相同的错误消息.所以这对于 AngularJS 来说似乎没有问题.但是哪里错了?
我添加了
config.EnableCors(new EnableCorsAttribute(Properties.Settings.Default.Cors, "", ""))
以及
app.UseCors(CorsOptions.AllowAll);
在服务器上.这导致两个标题条目.只需使用后一种即可.
I'm using AngularJS $http on the client side to access an endpoint of a ASP.NET Web API application on the server side. As the client is hosted on a different domain as the server, I need CORS. It works for $http.post(url, data). But as soon as I authenticate the user and make a request via $http.get(url), I get the message
The 'Access-Control-Allow-Origin' header contains multiple values 'http://127.0.0.1:9000, http://127.0.0.1:9000', but only one is allowed. Origin 'http://127.0.0.1:9000' is therefore not allowed access.
Fiddler shows me that there are indeed two header entries in the get request after a successful options request. What and where am I doing something wrong?
Update
When I use jQuery $.get instead of $http.get, the same error message appears. So this seems no issue with AngularJS. But where is it wrong?
I added
config.EnableCors(new EnableCorsAttribute(Properties.Settings.Default.Cors, "", ""))
as well as
app.UseCors(CorsOptions.AllowAll);
on the server. This results in two header entries. Just use the latter one and it works.
这篇关于“Access-Control-Allow-Origin"标头包含多个值的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!