public classMessageInspector:IDispatchMessageInspector
{privateServiceEndpoint _serviceEndpoint;publicMessageInspector(ServiceEndpoint serviceEndpoint)
{
_serviceEndpoint=serviceEndpoint;
}///
///Called when an inbound message been received///
/// The request message.
/// The incoming channel.
/// The current service instance.
///
///The object used to correlate stateMsg.///This object is passed back in the method.///
public object AfterReceiveRequest(refMessage request,
IClientChannel channel,
InstanceContext instanceContext)
{
StateMessage stateMsg= null;
HttpRequestMessageProperty requestProperty= null;if(request.Properties.ContainsKey(HttpRequestMessageProperty.Name))
{
requestProperty=request.Properties[HttpRequestMessageProperty.Name]asHttpRequestMessageProperty;
}if (requestProperty != null)
{var origin = requestProperty.Headers["Origin"];if (!string.IsNullOrEmpty(origin))
{
stateMsg= newStateMessage();//if a cors options request (preflight) is detected,//we create our own reply message and don‘t invoke any//operation at all.
if (requestProperty.Method == "OPTIONS")
{
stateMsg.Message= Message.CreateMessage(request.Version, null);
}
request.Properties.Add("CrossOriginResourceSharingState", stateMsg);
}
}returnstateMsg;
}///
///Called after the operation has returned but before the reply message///is sent.///
/// The reply message. This value is null if the///operation is one way.
/// The correlation object returned from///the method.
public void BeforeSendReply(ref Message reply, objectcorrelationState)
{var stateMsg = correlationState asStateMessage;if (stateMsg != null)
{if (stateMsg.Message != null)
{
reply=stateMsg.Message;
}
HttpResponseMessageProperty responseProperty= null;if(reply.Properties.ContainsKey(HttpResponseMessageProperty.Name))
{
responseProperty=reply.Properties[HttpResponseMessageProperty.Name]asHttpResponseMessageProperty;
}if (responseProperty == null)
{
responseProperty= newHttpResponseMessageProperty();
reply.Properties.Add(HttpResponseMessageProperty.Name,
responseProperty);
}//Access-Control-Allow-Origin should be added for all cors responses
responseProperty.Headers.Set("Access-Control-Allow-Origin", "*");if (stateMsg.Message != null)
{//the following headers should only be added for OPTIONS requests
responseProperty.Headers.Set("Access-Control-Allow-Methods","POST, OPTIONS, GET,DELETE,PUT");
responseProperty.Headers.Set("Access-Control-Allow-Headers","Content-Type, Accept, Authorization, x-requested-with");
}
}
}
}classStateMessage
{publicMessage Message;
}