signalR CORS - IE客户端获取403'禁止：JSONP被禁用' [英] signalR CORS - IE client gets 403 'Forbidden: JSONP is disabled'

问题描述

我们实现了启用CORS的SignalR 2.0中枢。 Firefox和Chrome上的Javascript客户端运行正常。 IE 10获取错误403.

We implemented SignalR 2.0 hub with CORS enabled. Javascript clients on Firefox and Chrome are running fine. IE 10 gets error 403.

任何帮助将不胜感激。

Any help will be appreciated. Thank you and regards.

推荐答案

虽然IE 10（但不是IE≤9）应该支持CORS，发现自己需要使用JSONP，您可以在调用 MapSignalR 时启用它。

While IE 10 (but not IE ≤9) should support CORS, if you find yourself needing to use JSONP you can enable it when you call MapSignalR.

启用JSONP允许您的SignalR应用程序在发送Cookie /凭证时从任何来源访问。使用CORS，您可以限制哪些起源能够访问您的SignalR应用程序，无论Cookie /凭据是否应与跨源请求和更多发送。由于JSONP无法配置为与CORS可能实现的更细粒度的安全策略相匹配，因此必须单独启用JSONP：

Enabling JSONP allows your SignalR app to be accessed from any origin while sending cookies/credentials. With CORS, you can limit which origins are able to access your SignalR app, whether or not cookies/credentials should be sent with cross-origin requests and more. Since JSONP cannot be configured to match the more fine-grained security policies made possible by CORS, JSONP must be enabled separately:

app.MapSignalR(new HubConfiguration 
{
    // You can enable JSONP by uncommenting line below.
    // JSONP requests are insecure but some older browsers (and some
    // versions of IE) require JSONP to work cross domain
    EnableJSONP = true
});

如果使用 PersistentConnection code> HubConfiguration 与 ConnectionConfiguration 。

If you are using a PersistentConnection replace HubConfiguration with ConnectionConfiguration.

a href =http://www.asp.net/signalr/overview/signalr-20/hubs-api/hubs-api-guide-javascript-client#crossdomain =nofollow>建立跨域SignalR在这里连接。

You can learn more about establishing a cross-domain SignalR connection here.

这篇关于signalR CORS - IE客户端获取403'禁止：JSONP被禁用'的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！