获取XMLHttpRequest:网络错误0x80070005,访问被拒绝
[英]Getting a XMLHttpRequest: Network Error 0x80070005, Access is denied
问题描述
I have a token endpoint that is passed a username and password grant type to authenticate users. 
我有一个令牌终结点,该终结点传递了用户名和密码授予类型来验证用户。 This token endpoint is called from an AngularJS service that is part of my MVC web front end. 从我的MVC Web前端的一部分AngularJS服务调用此令牌终结点。 When I call the service I get the following error 当我致电服务时,出现以下错误
XMLHttpRequest: Network Error 0x80070005, Access is denied.
This seems to be a CORS problem. 这似乎是一个CORS问题。 I did the following to resolve this problem with no luck thus far 我做了以下事情来解决这个问题,到目前为止还没有运气
I added the app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll); 我添加了app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll); to my Startup.cs file for my token web service. 到我的令牌Web服务的Startup.cs文件中。
public class Startup
{
public void Configuration
(
IAppBuilder app
)
{
ConfigureOAuth(app);
var config = new HttpConfiguration();
WebApiConfig.Register(config);
config.Filters.Add(new AuthorizeAttribute());
app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
app.UseWebApi(config);
}
private void ConfigureOAuth
(
IAppBuilder app
)
{
app.UseOAuthAuthorizationServer(new OAuthServerOptionsProvider().Provide());
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
I also have a class that is overriding the OAuthAuthorizationServerProvider , within the GrantResourceOwnerCredentials method I have the following code to add all origins to the response headers 在GrantResourceOwnerCredentials方法中,我还有一个重写OAuthAuthorizationServerProvider的类,我有以下代码将所有来源添加到响应标头中
public override async Task GrantResourceOwnerCredentials
(
OAuthGrantResourceOwnerCredentialsContext context
)
{
System.Web.HttpContext.Current.Response.Headers.Add("Access-Control-Allow-Origin", "*");
// Other code left out to keep this short
}
In fiddler I can see that the response header was successfully added 在提琴手中,我可以看到响应头已成功添加
Is there something I'm missing here? 我在这里想念什么吗?
Update 更新资料
Here is my request headers 这是我的请求标头
1 个解决方案
解决方案1
0 已采纳 2015-07-27 13:48:18
First of all I have to point out that the comments made by @maurycy helped me find the solution in the comments of this stackoverflow post. 首先,我必须指出,@ maurycy的评论帮助我在此 stackoverflow帖子的评论中找到了解决方案。
This post explains that the app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll); 这篇文章解释了app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll); in the Startup.cs file should be moved to the top of the method and that the System.Web.HttpContext.Current.Response.Headers.Add("Access-Control-Allow-Origin", "*"); 在Startup.cs文件中,应将其移至该方法的顶部,并且将System.Web.HttpContext.Current.Response.Headers.Add("Access-Control-Allow-Origin", "*"); should be removed from the GrantResourceOwnerCredentials class. 应该从GrantResourceOwnerCredentials类中删除。 So I changed the code in my question to look something like this, 因此,我将问题中的代码更改为如下所示,
public class Startup
{
public void Configuration(IAppBuilder app)
{
ConfigureOAuth(app);
var config = new HttpConfiguration();
WebApiConfig.Register(config);
config.Filters.Add(new AuthorizeAttribute());
app.UseWebApi(config);
}
private void ConfigureOAuth(IAppBuilder app)
{
app.UseCors(Microsoft.Owin.Cors.CorsOptions.AllowAll);
app.UseOAuthAuthorizationServer(new OAuthServerOptionsProvider().Provide());
app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
}
}
I also have changed the class that is overriding the OAuthAuthorizationServerProvider 我还更改了覆盖OAuthAuthorizationServerProvider的类
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
// Remove the response header that was added
// Other code left out to keep this short
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.