不存在“Access-Control-Allow-Origin”标头 - 面向 .net 框架 4.5.1 的 asp.net 核心 Web api
[英]No 'Access-Control-Allow-Origin' header is present - asp.net core web api targeting .net framework 4.5.1
问题描述
I have a server side RESTful API that was created in c# targeting .NET Framework 4.5.1 and the CORS configuration i have does not appear to be working...
我有一个服务器端 RESTful API,它是在 c# 中创建的,面向 .NET Framework 4.5.1 并且我的 CORS 配置似乎没有工作......
public void ConfigureServices(IServiceCollection services) {
services.AddCors(options => {
options.AddPolicy("AllowAll",
builder => {
builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials();
});
});
// Add framework services.
services.AddMvc();
services.AddOptions();
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env,
ILoggerFactory loggerFactory) {
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
if (env.IsDevelopment()) {
app.UseDeveloperExceptionPage();
}
var options = new JwtBearerOptions {
Audience = "MyAudience"
Authority = "MyAuthority"
};
app.UseJwtBearerAuthentication(options);
app.UseCors("AllowAll");
app.UseMvc();
}
Each time i make a call to the below API in my controller每次我在控制器中调用以下 API 时
[Authorize]
[HttpGet]
public Task<JsonResult> Get() {
ICollection<string> abc;
try {
abc = new List<string>(){"A", "B", "C"};
} catch (Exception) {
abc = null;
}
return Json(abc);
}
I get the following error...我收到以下错误...
"XMLHttpRequest cannot load x Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'x' is therefore not allowed access. The response had HTTP status code 502." “XMLHttpRequest 无法加载 x 对预检请求的响应未通过访问控制检查:请求的资源上不存在 'Access-Control-Allow-Origin' 标头。因此,不允许访问 Origin 'x'。响应具有 HTTP 状态代码 502。”
The http request from my client has an "Authorization" header in it which is why a preflight response is triggered, it has a valid token etc... so it has nothing to do with this part.来自我的客户端的 http 请求中有一个“授权”标头,这就是触发预检响应的原因,它有一个有效的令牌等......所以它与这部分无关。
In fact if I create the exact same RESTful API targeting .NET Core 1.0, it works as expected.事实上,如果我针对 .NET Core 1.0 创建完全相同的 RESTful API,它会按预期工作。 This leads me to believe there is either an issue with CORS and targeting .NET Framework 4.5.1 or there is now some explicit logic i have to add that is otherwise handled implicitly by .NET Core 1.0.这让我相信 CORS 和面向 .NET Framework 4.5.1 存在问题,或者现在我必须添加一些显式逻辑,否则由 .NET Core 1.0 隐式处理。
My understanding is that the CORS middleware should be handling all this, does anyone know what the issue might be here?我的理解是 CORS 中间件应该处理所有这些,有谁知道这里可能存在什么问题?
EDIT:编辑:
I forgot to mention that this works fine running as localhost, i only see this issue after deploying.我忘了提到这在作为 localhost 运行时可以正常工作,我只在部署后看到这个问题。 Also, i tested this targeting .NET Framework 4.6.2 and the issue remained.此外,我针对 .NET Framework 4.6.2 测试了这个问题,但问题仍然存在。
1 个解决方案
解决方案1
3 已采纳 2017-06-09 17:36:01
This has been resolved.这已得到解决。
https://github.com/aspnet/Tooling/blob/master/known-issues-vs2017.md#aspnet-core-known-issues https://github.com/aspnet/Tooling/blob/master/known-issues-vs2017.md#aspnet-core-known-issues
Different versions of visual studio 2017 were being used and some projects\\dependencies were targeting .Net Core 1.0 and others were targeting .Net Core 1.1 which caused different runtimes to be needed.正在使用不同版本的 Visual Studio 2017,一些项目\\依赖项针对 .Net Core 1.0,而其他项目\\依赖项针对 .Net Core 1.1,这导致需要不同的运行时。
Once we sync'd to the newest version of VS2017 (15.2.26430.13), targeted .Net Core 1.1 and installed the new runtime on the server the issue went away.一旦我们同步到最新版本的 VS2017 (15.2.26430.13),针对 .Net Core 1.1 并在服务器上安装新的运行时,问题就消失了。
The CORS error above was actaully a side effect of a 502 (Bad Request) error that i was missing in the callstack...上面的 CORS 错误实际上是我在调用堆栈中丢失的 502(错误请求)错误的副作用......
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.