.NET Core 2.0中的CORS“请求的资源上没有'Access-Control-Allow-Origin'标头。”
[英]CORS in .NET Core 2.0 “No 'Access-Control-Allow-Origin' header is present on the requested resource.”
问题描述
I have created a web api using Core 2.0 and when doing cross domain calls w/ cors enabled, receive the following error: "No 'Access-Control-Allow-Origin' header is present on the requested resource." 
我使用Core 2.0创建了一个web api,并且在执行跨域调用时启用了cors,接收到以下错误:“请求的资源上没有'Access-Control-Allow-Origin'标头。”
Below is my config in startup.cs: 以下是我在startup.cs中的配置:
public void ConfigureServices(IServiceCollection services)
{
services.AddLogging();
services.AddMvc();
services.AddCors(options =>
{
options.AddPolicy("AllowAll",
builder =>
{
builder
.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader();
});
});
services.Configure<MvcOptions>(options =>
{
options.Filters.Add(new CorsAuthorizationFilterFactory("AllowAll"));
});
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
app.UseMvc();
app.UseCors("AllowAll");
}
According to every post/tutorial I see on stackoverflow or else where, this is the correct way to do it to allow all origins. 根据我在stackoverflow上看到的每个帖子/教程,或者在哪里,这是允许所有来源的正确方法。 What am I missing? 我错过了什么?
2 个解决方案
解决方案1
5 已采纳 2018-02-06 19:05:10
Try calling: app.UseCors("AllowAll"); 尝试调用: app.UseCors("AllowAll"); before app.UseMvc(); 在app.UseMvc();之前app.UseMvc(); . 。
The documentation states the following: 文档说明如下:
To enable CORS for your entire application add the CORS middleware to your request pipeline using the UseCors extension method.
解决方案2
3 2018-02-06 19:32:17
I may be wrong, but this tutorial should help you out. 我可能错了,但本教程应该可以帮到你。
https://www.pointblankdevelopment.com.au/blog/113/aspnet-core-20-angular-24-user-registration-and-login-tutorial-example https://www.pointblankdevelopment.com.au/blog/113/aspnet-core-20-angular-24-user-registration-and-login-tutorial-example
Below is the config in startup.cs 以下是startup.cs中的配置
public void ConfigureServices(IServiceCollection services)
{
services.AddCors();
services.AddDbContext<DataContext>(x => x.UseInMemoryDatabase("TestDb"));
services.AddMvc();
services.AddAutoMapper();
// configure strongly typed settings objects
var appSettingsSection = Configuration.GetSection("AppSettings");
services.Configure<AppSettings>(appSettingsSection);
// configure jwt authentication
var appSettings = appSettingsSection.Get<AppSettings>();
var key = Encoding.ASCII.GetBytes(appSettings.Secret);
services.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(x =>
{
x.RequireHttpsMetadata = false;
x.SaveToken = true;
x.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(key),
ValidateIssuer = false,
ValidateAudience = false
};
});
// configure DI for application services
services.AddScoped<IUserService, UserService>();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
// global cors policy
app.UseCors(x => x
.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials());
app.UseAuthentication();
app.UseMvc();
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.