在“访问控制允许来源”头包含多个值 [英] The 'Access-Control-Allow-Origin' header contains multiple values
问题描述
我使用在客户端AngularJS $ HTTP来访问服务器端的ASP.NET Web API应用程序的端点。当客户端在不同域的服务器承载,我需要CORS。它适用于$ http.post(URL,数据)。但只要我验证用户的身份,并通过$ http.get(URL)的请求,我得到的消息
I'm using AngularJS $http on the client side to access an endpoint of a ASP.NET Web API application on the server side. As the client is hosted on a different domain as the server, I need CORS. It works for $http.post(url, data). But as soon as I authenticate the user and make a request via $http.get(url), I get the message
The 'Access-Control-Allow-Origin' header contains multiple values 'http://127.0.0.1:9000, http://127.0.0.1:9000', but only one is allowed. Origin 'http://127.0.0.1:9000' is therefore not allowed access.
提琴手显示我的确有一个成功的请求选项后GET请求两个头的条目。什么,我在哪里做错了?
Fiddler shows me that there are indeed two header entries in the get request after a successful options request. What and where am I doing something wrong?
更新
当我使用jQuery $不用彷徨而不是$ http.get,会出现相同的错误消息。因此,这似乎与AngularJS没有问题。但它在哪里错了?
When I use jQuery $.get instead of $http.get, the same error message appears. So this seems no issue with AngularJS. But where is it wrong?
推荐答案
我添加
config.EnableCors(新EnableCorsAttribute(Properties.Settings.Default.Cors的,的))
config.EnableCors(new EnableCorsAttribute(Properties.Settings.Default.Cors, "", ""))
以及
app.UseCors(CorsOptions.AllowAll);
在服务器上。这将导致两个头的条目。只需使用后者,它的作品。
on the server. This results in two header entries. Just use the latter one and it works.
这篇关于在“访问控制允许来源”头包含多个值的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
