[英]How to enable CORS for asp.net mvc web site?
I want to enable CORS for an action in my asp.net mvc 4 web site. 我想在我的asp.net mvc 4网站中为操作启用CORS。 This is possible for web api http://www.asp.net/web-api/overview/security/enabling-cross-origin-requests-in-web-api Is there a similar solution for mvc web site?
对于Web API,这是可能的。http://www.asp.net/web-api/overview/security/enabling-cross-origin-requests-in-web-api是否存在针对mvc网站的类似解决方案? I also want to be able to restrict this for origin web sites I want.
我还希望能够限制我想要的原始网站。 Thanks
谢谢
i think you need to create your Custom authorization Like this: 我认为您需要创建自定义授权,如下所示:
/// <summary>
/// Referrer Url Custom Authorize
/// </summary>
[AttributeUsage(AttributeTargets.Class)]
public class ReferrerUrlAuthorize : AuthorizeAttribute
{
protected override bool IsAuthorized(System.Web.Http.Controllers.HttpActionContext actionContext)
{
IList<string> webSitesAllowed = new List<string>() { "http://mywebsite.com", "http://customersite.com" };
string urlReferrer = System.Web.HttpContext.Current.Request.UrlReferrer.AbsoluteUri;
//checking if the referrer url exists in your list of sites allowed
if (!webSitesAllowed.Contains(urlReferrer))
return false; //access denied
return true;
}
}
and in your controller class must be set the ReferrerUrlAuthorize 并且必须在控制器类中设置ReferrerUrlAuthorize
[ReferrerUrlAuthorize]
public class HomeController : Controller
{
public ActionResult Index()
{
ViewBag.Title = "Home Page";
return View();
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.