[英]CORS in .NET Core 2.0 “No 'Access-Control-Allow-Origin' header is present on the requested resource.”
I have created a web api using Core 2.0 and when doing cross domain calls w/ cors enabled, receive the following error: "No 'Access-Control-Allow-Origin' header is present on the requested resource." 我使用Core 2.0创建了一个web api,并且在执行跨域调用时启用了cors,接收到以下错误:“请求的资源上没有'Access-Control-Allow-Origin'标头。”
Below is my config in startup.cs: 以下是我在startup.cs中的配置:
public void ConfigureServices(IServiceCollection services)
{
services.AddLogging();
services.AddMvc();
services.AddCors(options =>
{
options.AddPolicy("AllowAll",
builder =>
{
builder
.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader();
});
});
services.Configure<MvcOptions>(options =>
{
options.Filters.Add(new CorsAuthorizationFilterFactory("AllowAll"));
});
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
app.UseMvc();
app.UseCors("AllowAll");
}
According to every post/tutorial I see on stackoverflow or else where, this is the correct way to do it to allow all origins. 根据我在stackoverflow上看到的每个帖子/教程,或者在哪里,这是允许所有来源的正确方法。 What am I missing?
我错过了什么?
Try calling: app.UseCors("AllowAll");
尝试调用:
app.UseCors("AllowAll");
before app.UseMvc();
在
app.UseMvc();
之前app.UseMvc();
. 。
The documentation states the following: 文档说明如下:
To enable CORS for your entire application add the CORS middleware to your request pipeline using the UseCors extension method.
要为整个应用程序启用CORS,请使用UseCors扩展方法将CORS中间件添加到请求管道。 Note that the CORS middleware must precede any defined endpoints in your app that you want to support cross-origin requests (ex. before any call to UseMvc ).
请注意,CORS中间件必须位于应用程序中要支持跨源请求的任何已定义端点之前 (例如, 在调用UseMvc之前 )。
I may be wrong, but this tutorial should help you out. 我可能错了,但本教程应该可以帮到你。
https://www.pointblankdevelopment.com.au/blog/113/aspnet-core-20-angular-24-user-registration-and-login-tutorial-example https://www.pointblankdevelopment.com.au/blog/113/aspnet-core-20-angular-24-user-registration-and-login-tutorial-example
Below is the config in startup.cs 以下是startup.cs中的配置
public void ConfigureServices(IServiceCollection services)
{
services.AddCors();
services.AddDbContext<DataContext>(x => x.UseInMemoryDatabase("TestDb"));
services.AddMvc();
services.AddAutoMapper();
// configure strongly typed settings objects
var appSettingsSection = Configuration.GetSection("AppSettings");
services.Configure<AppSettings>(appSettingsSection);
// configure jwt authentication
var appSettings = appSettingsSection.Get<AppSettings>();
var key = Encoding.ASCII.GetBytes(appSettings.Secret);
services.AddAuthentication(x =>
{
x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(x =>
{
x.RequireHttpsMetadata = false;
x.SaveToken = true;
x.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(key),
ValidateIssuer = false,
ValidateAudience = false
};
});
// configure DI for application services
services.AddScoped<IUserService, UserService>();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
{
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
// global cors policy
app.UseCors(x => x
.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials());
app.UseAuthentication();
app.UseMvc();
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.