using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Http.Filters;
using Newtonsoft.Json;
using System.Text;
using System.Web.Http.Controllers;
namespace Filters
{
public class Filter : ActionFilterAttribute
{
public override void OnActionExecuting(HttpActionContext actionContext)
{
if (actionContext.Request.Method.Method == "OPTIONS")
{//直接通行预请求
actionContext.Response =
new HttpResponseMessage { Content = new StringContent(JsonConvert.SerializeObject(new { status =200, message = "OPTION_SSUCCESS" }), Encoding.GetEncoding("UTF-8"), "application/json") };
OpenCorsing(actionContext);
base.OnActionExecuting(actionContext);
return;
}
base.OnActionExecuting(actionContext);
}
public override void OnActionExecuted(HttpActionExecutedContext actionExecutedContext)
{
//返回请求结果前 设置一下响应头
OpenCorsed(actionExecutedContext);
base.OnActionExecuted(actionExecutedContext);
}
public void OpenCorsed(HttpActionExecutedContext actionExecutedContext)
{
try
{
IEnumerable<string> outvalues;
if (actionExecutedContext.Request.Headers.TryGetValues("Origin", out outvalues))
{
actionExecutedContext.Response.Headers.Add("Access-Control-Allow-Origin", string.Join(",", outvalues.ToArray()));
actionExecutedContext.Response.Headers.Add("Access-Control-Allow-Credentials", "true"); //是否支持cookie跨域
//actionExecutedContext.Response.Headers.Add("Access-Control-Allow-Headers", "token");//请求头假如有自定义参数,需要在这里加上允许 eg:"token,key"
//actionExecutedContext.Response.Headers.Add("Access-Control-Allow-Methods", "GET,PUT,POST,DELETE,OPTIONS");
}
}
catch
{
}
}
public void OpenCorsing(HttpActionContext actionContext)
{
try
{
IEnumerable<string> outvalues;
if (actionContext.Request.Headers.TryGetValues("Origin", out outvalues))
{
actionContext.Response.Headers.Add("Access-Control-Allow-Origin", string.Join(",", outvalues.ToArray()));
actionContext.Response.Headers.Add("Access-Control-Allow-Credentials", "true"); //是否支持cookie跨域
//actionContext.Response.Headers.Add("Access-Control-Allow-Headers", "token");//请求头假如有自定义参数,需要在这里加上允许 eg:"token,key"
//actionContext.Response.Headers.Add("Access-Control-Allow-Methods", "GET,PUT,POST,DELETE,OPTIONS");
}
}
catch
{
}
}
}
}
页面jq请求
<script type="text/javascript">
jQuery.support.cors = true;//此处解决ie问题
$(function () {
$("#btn").click(function () {
$.ajax({
url: "http://192.168.1.16/myApiTest/v1/LogOut",
data: {},
type: "post",
dataType: "json",
xhrFields: {
withCredentials: true//这个属性设置为true
},
beforeSend: function (request) {
request.setRequestHeader("token", "abc");//自定义请求头参数
},
success: function (data) {
}
});
});
});
</script>