从MVC项目调用WEB API时401.2响应

Question

I am running a WEB API project locally through Visual studio, on port 49374.

I am then running an MVC project locally through VS, on port 57062.

I am trying to call an API in my WEB API project (49374), from the MVC project(57062), but am getting a 401.2 response, see below:

When I call the API directly from the browser, it works fine.

CORS is setup in the Web API Web config as follows:

        <customHeaders>
            <add name="Access-Control-Allow-Origin" value="http://localhost:57062" />
            <add name="Access-Control-Allow-Methods" value="GET, POST, OPTIONS, PUT, DELETE" />
            <add name="Access-Control-Allow-Headers" value="Content-Type, Accept" />
            <add name="Access-Control-Allow-Credentials" value="true" />
            <!--<add name="Access-Control-Allow-Credential-Header" value="true"/>-->

        </customHeaders>
    </httpProtocol>

and the project has the following settings on VS:

I am out of ideas as to what the problem could be - can anyone suggest anything?

Answer 1

I have encountered the same probleme. IIS Express does not seem to use the custom headers in the web.config.

I fixed it by adding in the global.asax.cs :

    protected void Application_AuthenticateRequest(object sender, EventArgs e)
    {
        if (Context.Request.Headers.AllKeys.Contains("Origin"))
        {
            Context.Response.AddHeader("Access-Control-Allow-Origin", "http://localhost:57062");
            Context.Response.AddHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
            Context.Response.AddHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, PATCH, OPTIONS");
            Context.Response.AddHeader("Access-Control-Allow-Credentials", "true");
            if (Context.Request.HttpMethod == "OPTIONS") Context.Response.End();
        }
    }