Ajax calls sporadically returning a 403 error in my ASP.NET MVC 4 project

I've just noticed an issue that is occurring when I publish my ASP.NET MVC 4 project onto our UAT web server that I am not getting when testing locally. I have a form with dropdowns which are populated by AJAX calls to get values from stored procedures. The calls are seemingly randomly returning 403 forbidden errors and I can't determine why. The method being called works fine one moment, then 403 the next. Any tips would be much appreciated. Please see details below:

Ajax jQuery call:

    $.fn.GetOriginalValue = function() {
        var cobId = $("#startcob").val();
        var sourceSystemId = $("#SelectedSourceSystemID").val();
        var sourceSystem = $("#SelectedSourceSystemName").val();
        var metricName = $("#SelectedMetricName").val();

        var clientId;
        var dataToSend;

        if (isJuno) {
            clientId = $("#ClientID").val();
            var key2 = $("#key2").val();
            var key3 = $("#key3").val();
            var key4 = $("#key6").val();
            var key5 = $("#key9").val(); 
            var currency = $("#cmdCurrency").val();
            dataToSend = {
                key1: clientId,
                key2: key2,
                CobId: cobId,
                key3: key3,
                key4: key4,
                key5: key5,
                metricName: metricName,
                currency: currency,
                sourceSystem: sourceSystem
            };
        } 

        if (dataToSend != null) {
            $.ajax({
                cache: false,
                type: 'POST',
                url: '@Url.Action("GetCurrentValueJuno")',
                data: dataToSend,
                success: function(data) {
                    if (data.success && data.currentValue != null) {
                        $("#OriginalValue").val(data.currentValue);
                    } else {
                        $("#OriginalValue").val("");
                    }
                }
            });
        }
    };

Controller method:

    /// <summary>
    /// Lookup the current value of a metric
    /// </summary>
    /// <param name="key1"></param>
    /// <param name="key2"></param>
    /// <param name="cobId"></param>
    /// <param name="key3"></param>
    /// <param name="key4"></param>
    /// <param name="key5"></param>
    /// <param name="metricName"></param>
    /// <param name="currency"></param>
    /// <param name="sourceSystem"></param>
    /// <returns></returns>
    [AllowCrossSiteJson]
    [AcceptVerbs(HttpVerbs.Post)]
    public ActionResult GetCurrentValueJuno(
        int? key1,
        int? key2,
        DateTime? cobId,
        string key3,
        int? key4,
        int? key5,
        string metricName,
        string currency,
        string sourceSystem
        )
    {
        if (key1 != null && key2 != null && cobId != null)
        {
            //method calls stored procedure to obtain current value based on inputs provided
            var metrics = CFAQueries.GetCurrentValueJuno(
                key1,
                key2,
                cobId,
                key3,
                key4,
                key5,
                metricName,
                sourceSystem);

            var currentValue = metrics?.Value ?? 0;

            if (!string.IsNullOrEmpty(currency))
            {
                var fxrate = GetFxRate((DateTime)cobId, currency);
                currentValue = currentValue / (fxrate ?? 1);
            }

            return Json(
                new
                {
                    currentValue = currentValue,
                    success = metrics != null
                },
                JsonRequestBehavior.AllowGet);
        }

        return Json(
            new
            {
                success = false
            },
            JsonRequestBehavior.AllowGet);
    }

The screenshots show the Network tab with the method call, one failing and one succeeding, moments apart, with the exact same form inputs.

After investigating, I have tried adding the following to my web.config:

  <system.webServer>
    <httpProtocol>
      <customHeaders>
        <add name="Access-Control-Allow-Origin" value="*" />
      </customHeaders>
    </httpProtocol>
  </system.webServer>

And I've also tried the accepted answer in this: Setting Access-Control-Allow-Origin in ASP.Net MVC - simplest possible method

However, neither has solved my issue. Any help or suggestions would be much appreciated. Thank you.

You have multiple Access-Control-Allow-Origin headers.

Check this question: Access-control-allow-origin with multiple domains
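A way to check a captured response for the condition this answer points at, as an added example that is not part of the original answer. The header blocks are constructed sample data, `auditAllowOrigin` and `https://app.example` are hypothetical, and the assumption that both the web.config entry and the `[AllowCrossSiteJson]` attribute emit the header is mine.

```javascript
// Added example: detect duplicate Access-Control-Allow-Origin headers in a
// captured response. All header blocks below are constructed sample data.

// Parse a raw header block into [name, value] pairs, keeping duplicates.
function parseHeaders(raw) {
  return raw
    .split(/\r?\n/)
    .map((line) => line.match(/^([^:\s]+):\s*(.*)$/))
    .filter(Boolean) // drops the status line and blank lines
    .map((m) => [m[1].toLowerCase(), m[2].trim()]);
}

// Hypothetical helper: apply the browser's rule that the response must carry
// exactly one allow-origin value, equal to "*" or to the request's Origin.
function auditAllowOrigin(raw, requestOrigin) {
  const values = parseHeaders(raw)
    .filter(([name]) => name === "access-control-allow-origin")
    // A comma-joined value is how repeated headers look once combined.
    .flatMap(([, value]) => value.split(",").map((v) => v.trim()));
  if (values.length === 0) return { ok: false, reason: "header missing", values };
  if (values.length > 1) return { ok: false, reason: "multiple values", values };
  const ok = values[0] === "*" || values[0] === requestOrigin;
  return { ok, reason: ok ? "single matching value" : "origin mismatch", values };
}

// Constructed: one header assumed to come from web.config customHeaders and
// one from an action filter on the controller.
const duplicated = [
  "HTTP/1.1 200 OK",
  "Content-Type: application/json; charset=utf-8",
  "Access-Control-Allow-Origin: *",
  "Access-Control-Allow-Origin: *",
].join("\r\n");

// Constructed: the same response with only one source emitting the header.
const single = [
  "HTTP/1.1 200 OK",
  "Content-Type: application/json; charset=utf-8",
  "Access-Control-Allow-Origin: *",
].join("\r\n");

console.log(auditAllowOrigin(duplicated, "https://app.example"));
console.log(auditAllowOrigin(single, "https://app.example"));
```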

After being in trouble for two days on this problem...

My project was running well on my development machine and on my client's server, but only directly on that server. Errors appeared when running queries from "the internet".

The client had installed a WAF that was blocking requests and returning 403 errors. I couldn't find any logs of these errors in IIS; it should have tipped me off more quickly.

I don't know if it's the same situation for Barrassment, but I'm sharing my solution; maybe it can help others...

Code that worked for three years... on multiple servers:

    $.ajax({
        type: "POST",
        url: "/People/Typeahead",
        data: "{'query':'" + query + "'}",
        contentType: "application/json; charset=utf-8",
        dataType: "json",
        success: function (data) {}
    })

Code that works now. The WAF couldn't parse JSON with single quotes as separator... so my solution was just to use JSON.stringify:

    $.ajax({
        type: "POST",
        url: "/People/Typeahead",
        data: JSON.stringify({
            query: query
        }),
        contentType: "application/json; charset=utf-8",
        dataType: "json",
        success: function (data) {}
    })
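The two request bodies from the answer above, run through a strict JSON check of the kind a body-inspecting WAF might apply. This is an added example, not code from the original post: `inspectBody` is a hypothetical stand-in for the WAF's parser, and the sample queries are constructed.

```javascript
// Added example: compare the concatenated body with the JSON.stringify body
// under strict JSON parsing. inspectBody is a hypothetical stand-in.

// Body built by string concatenation, exactly as in the original code.
function buildBodyConcat(query) {
  return "{'query':'" + query + "'}";
}

// Body built by serialising an object, as in the fixed code.
function buildBodyStringify(query) {
  return JSON.stringify({ query: query });
}

// Strict inspection: the body must be valid JSON, an object, and contain
// exactly the expected keys; anything else is rejected (think: 403).
function inspectBody(body, expectedKeys) {
  let parsed;
  try {
    parsed = JSON.parse(body); // JSON.parse rejects single-quoted strings
  } catch (e) {
    return { allowed: false, reason: "not valid JSON" };
  }
  if (parsed === null || typeof parsed !== "object" || Array.isArray(parsed)) {
    return { allowed: false, reason: "not a JSON object" };
  }
  const keys = Object.keys(parsed).sort();
  if (keys.join(",") !== [...expectedKeys].sort().join(",")) {
    return { allowed: false, reason: "unexpected keys: " + keys.join(",") };
  }
  return { allowed: true, value: parsed };
}

// Constructed sample inputs: a plain name and two containing quote characters.
const samples = ["smith", "O'Brien", 'say "hi"'];

function compare() {
  return samples.map((q) => ({
    query: q,
    concat: inspectBody(buildBodyConcat(q), ["query"]),
    stringify: inspectBody(buildBodyStringify(q), ["query"]),
  }));
}

console.log(JSON.stringify(compare(), null, 2));
```

Every concatenated body is rejected, including the plain one, while the serialised bodies pass and round-trip the quote characters unchanged.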
