asp.net core 3.1 解决跨域的问题

最新推荐文章于 2023-06-17 13:54:25 发布

雨中深巷的油纸伞

最新推荐文章于 2023-06-17 13:54:25 发布

阅读量2.7k

点赞数

分类专栏： .net Core 文章标签： c#

原文链接：https://www.jianshu.com/p/26c2108bab05

版权

.net Core 专栏收录该内容

31 篇文章 10 订阅

订阅专栏

我的使用场景：
在本地建立了一个html文件，通过ajax访问asp.net core 3.1提供的webapi服务。
在调试时，发现用html访问抛了cors异常。

抛这样的错误：
Access to XMLHttpRequest at 'http://localhost:52156/api/Person/1' from origin 'null' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

jquery-1.10.2.min.js:23 Cross-Origin Read Blocking (CORB) blocked cross-origin response http://localhost:52156/api/Person/1 with MIME type text/plain.

在微软网站
查到，asp.net core cors 3.1的做法如下：
在Startup类里面：

1.添加

 readonly string MyAllowSpecificOrigins = "_myAllowSpecificOrigins";

 public void ConfigureServices(IServiceCollection services)
        {

            services.AddCors(options =>
            {
                options.AddPolicy(MyAllowSpecificOrigins ,
                    builder => builder.AllowAnyOrigin()
/*
根据自己情况调整
 builder.WithOrigins("http://example.com",
                                    "http://www.contoso.com");

如果同时打开 AllowAnyOrigin()
                    .AllowAnyMethod()
                    .AllowAnyHeader()
                    .AllowCredentials());
会抛下面这个异常：
System.InvalidOperationException: Endpoint AnXin.DigitalFirePlatform.WebApi.Controllers.StaticPersonController.Get (AnXin.DigitalFirePlatform.WebApi) contains CORS metadata, but a middleware was not found that supports CORS.
Configure your application startup by adding app.UseCors() inside the call to Configure(..) in the application startup code. The call to app.UseAuthorization() must appear between app.UseRouting() and app.UseEndpoints(...).
   at Microsoft.AspNetCore.Routing.EndpointMiddleware.ThrowMissingCorsMiddlewareException(Endpoint endpoint)
   at Microsoft.AspNetCore.Routing.EndpointMiddleware.Invoke(HttpContext httpContext)
   at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)



*/
                    .AllowAnyMethod()
                    .AllowAnyHeader()
                    .AllowCredentials());

            });

            services.AddControllers();         
        }

3.Configure(IApplicationBuilder app, IHostingEnvironment env)方法里添加一行：

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseHsts();
        }



//主要就是这两行，但是要注意，这一行要在app.UseRouting 和 UseEndpoints 之间

        app.UseRouting();
        app.UseCors(MyAllowSpecificOrigins); 
        app.UseEndpoints(endpoints =>
            {
                endpoints.MapControllers().RequireCors(MyAllowSpecificOrigins);
            });
    }

雨中深巷的油纸伞

关注

0
点赞
踩
2

收藏

觉得还不错? 一键收藏
0
评论
asp.net core 3.1 解决跨域的问题

我的使用场景：在本地建立了一个html文件，通过ajax访问asp.net core 3.1提供的webapi服务。在调试时，发现用html访问抛了cors异常。抛这样的错误：Access to XMLHttpRequest at 'http://localhost:52156/api/Person/1' from origin 'null' has been blocked by CO...
复制链接

扫一扫