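/// <summary>
/// Adds CORS response headers before the action runs.
/// GET requests receive <c>originHeaderAll</c> as the allowed origin and no credentials header.
/// Every other method is checked against the allow-list in <c>/AllowDomain.xml</c>; the
/// allow-origin and allow-credentials headers are emitted only when the caller's origin
/// matches an entry exactly (case-insensitive).
/// </summary>
/// <param name="actionExecutedContext">
/// The Web API action context. It is not read here; the request and response come from
/// <c>HttpContext.Current</c>.
/// </param>
/// <remarks>
/// Fixes over the previous version:
/// - A trailing "/" on an allow-list entry was stripped with <c>Length - 2</c>, which removed
///   two characters. An entry such as "http://app.example/" (constructed sample) was compared
///   as "http://app.exampl", so the configured origin was rejected and a different, shorter
///   origin was trusted with credentials instead.
/// - The Referer fallback kept the trailing "/" and assumed the value always contained
///   "://" and a path, so it could never match and could throw on unusual values.
/// - Comparisons used culture-sensitive <c>ToLower()</c>; they are now ordinal.
/// - On no match, an empty allow-origin header plus the credentials header were sent; both
///   are now omitted, which browsers treat the same way (the cross-origin read is refused).
/// NOTE(review): the response now differs per Origin; if these responses can be cached,
/// confirm that a <c>Vary: Origin</c> header is set somewhere.
/// NOTE(review): the allow-list sits in the site root; confirm it is read-only for the
/// application identity, since its contents decide who gets credentialed access.
/// </remarks>
public override void OnActionExecuting(HttpActionContext actionExecutedContext)
{
    var request = HttpContext.Current.Request;
    var response = HttpContext.Current.Response;

    if (request.HttpMethod == "GET")
    {
        // originHeaderAll is defined outside this snippet (presumably "*" - confirm).
        response.Headers.Add(AccessControlAllowOrigin, originHeaderAll);
        return;
    }

    // Read on every non-GET request, so edits to the file take effect immediately.
    // A missing or malformed file still throws, as before.
    List<string> allowDomain = LoadAllowedOrigins(request.MapPath("/AllowDomain.xml"));

    // Prefer the Origin header; fall back to the Referer only when Origin is absent.
    string candidate = null;
    var soriginarray = request.Headers.GetValues("Origin");
    if (soriginarray != null)
    {
        candidate = soriginarray.FirstOrDefault();
    }
    else
    {
        var srefererarray = request.Headers.GetValues("Referer");
        if (srefererarray != null)
        {
            candidate = OriginFromReferer(srefererarray.FirstOrDefault());
        }
    }

    var defaultAllow = MatchAllowedOrigin(allowDomain, candidate);
    if (defaultAllow.Length == 0)
    {
        // Not on the allow-list: send no CORS headers at all.
        return;
    }

    // Echo the configured entry rather than the caller-supplied header value.
    response.Headers.Add(AccessControlAllowOrigin, defaultAllow);
    response.Headers.Add(AccessControlAllowCredentials, credentialsHeaderdefault);
}

/// <summary>
/// Reads the allow-list: the text of each element under the first child element of the root.
/// Entries are trimmed and a single trailing "/" is removed; empty entries are skipped.
/// </summary>
private static List<string> LoadAllowedOrigins(string phypath)
{
    var xd = new XmlDocument();
    xd.Load(phypath);

    var allowDomain = new List<string>();
    XmlElement xe = xd.DocumentElement;
    if (xe == null)
    {
        return allowDomain;
    }

    // Skip comments and whitespace nodes so that they neither hide the list nor end up in it.
    XmlElement xn = xe.ChildNodes.OfType<XmlElement>().FirstOrDefault();
    if (xn == null)
    {
        return allowDomain;
    }

    foreach (XmlElement cn in xn.ChildNodes.OfType<XmlElement>())
    {
        var entry = NormalizeAllowedOrigin(cn.InnerText);
        if (entry.Length > 0)
        {
            allowDomain.Add(entry);
        }
    }

    return allowDomain;
}

/// <summary>Trims an allow-list entry and removes exactly one trailing "/".</summary>
private static string NormalizeAllowedOrigin(string ad)
{
    var newad = (ad ?? string.Empty).Trim();
    if (newad.EndsWith("/", StringComparison.Ordinal))
    {
        newad = newad.Substring(0, newad.Length - 1);
    }
    return newad;
}

/// <summary>
/// Reduces a Referer value to scheme://host[:port]; returns null when it is not an absolute URI.
/// </summary>
private static string OriginFromReferer(string sreferer)
{
    Uri parsed;
    if (string.IsNullOrEmpty(sreferer) || !Uri.TryCreate(sreferer, UriKind.Absolute, out parsed))
    {
        return null;
    }

    // SchemeAndServer leaves out user info, path, query and fragment.
    return parsed.GetComponents(UriComponents.SchemeAndServer, UriFormat.UriEscaped);
}

/// <summary>
/// Returns the allow-list entry equal to <paramref name="candidate"/> (ordinal, ignoring case),
/// or an empty string when there is none. Only whole-string equality counts as a match.
/// </summary>
private static string MatchAllowedOrigin(IEnumerable<string> allowDomain, string candidate)
{
    if (string.IsNullOrEmpty(candidate))
    {
        return string.Empty;
    }

    foreach (var ad in allowDomain)
    {
        if (string.Equals(candidate, ad, StringComparison.OrdinalIgnoreCase))
        {
            return ad;
        }
    }

    return string.Empty;
}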
AllowDomain.xml 格式
<?xml version="1.0" encoding="utf-8" ?>
<!-- Allow-list read by the CORS filter for non-GET requests.
     Each <domain> is one origin, written as scheme://host[:port] with no path.
     A request whose Origin equals an entry (ignoring case) is answered with that entry
     as the allowed origin together with the allow-credentials header, so list only
     origins that should be able to make credentialed cross-origin calls.
     The localhost entries below are sample values. -->
<root>
<allowDomain>
<domain>http://localhost</domain>
<domain>http://localhost:8088</domain>
</allowDomain>
</root>