Web API 2 CORS不允许IP地址作为起点 [英] Web API 2 CORS Won't Allow IP Addresses as Origins

问题描述

我有一个启用了CORS身份验证的Web API 2应用程序。在本地，我运行两个网站，一个SPA网站和Web API，在端口80，使用不同的主机头。一切工作正常。但是，我试图在没有域的机器上测试，所以我必须使用不同端口的IP地址为两个网站。无论我做什么，Web API都会提供所需资源上存在的旧的NoAccess-Control-Allow-Origin标头。Origin' http://xxx.xxx.xxx.xxx:8090 因此不允许访问。我的CORS配置如下：

I have a Web API 2 application with CORS authentication enabled. Locally I'm running two sites, a SPA site and the web API, both on port 80, using different host headers. Everything works fine. However, I'm trying to test on a machine that has no domain, so I have to use IP addresses with different ports for the two sites. No matter what I do, the web API gives the good old "No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://xxx.xxx.xxx.xxx:8090' is therefore not allowed access". I have my CORS configured as follows:

var cors = new EnableCorsAttribute(
            origins: "*",
            headers: "*",
            methods: "*");
        config.EnableCors(cors);

只有当API位于真实域中时，才能运行web API 2 CORS， IP地址？这似乎是一个极端的限制。

Is it only possible to run web API 2 CORS when the API is on a real domain, not on an IP address? That seems like an extreme limitation.

不确定是否重要，但在本地运行IIS 7.5，但我的测试机是IIS 7.

Not sure if it matters or not, but locally I'm running IIS 7.5, but my test machine is IIS 7.

任何帮助将非常感激。

推荐答案

是 IIS特定的。一旦我把我的API在运行IIS 7.5的机器，它工作完美。干杯。

Turns out it is IIS specific. As soon as I put my API on a machine running IIS 7.5, it worked perfectly. Cheers.

这篇关于Web API 2 CORS不允许IP地址作为起点的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！