添加AllowAnyHeader不允许.NET Core 3.1中的所有标头
[英]Adding AllowAnyHeader does not allow all headers in .NET Core 3.1
问题描述
In my .NET Core 3.1 Startup program, I have something like this:
在我的 .NET Core 3.1 启动程序中,我有这样的东西:
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(options =>
{
options.AddDefaultPolicy(
builder =>
{
builder.AllowAnyHeader();
builder.AllowAnyMethod();
builder.AllowAnyOrigin();
});
});
}
I was expecting that AllowAnyHeader would add "Access-Control-Allow-Methods": "GET,POST,PUT,DELETE,OPTIONS";我期待AllowAnyHeader会添加"Access-Control-Allow-Methods": "GET,POST,PUT,DELETE,OPTIONS"; to the response header, but when I call a DELETE in a method configured with [HttpDelete] in the Controller, I see the following in the response header:到响应 header,但是当我在 Controller 中配置了[HttpDelete]的方法中调用 DELETE 时,我在响应 header 中看到以下内容:
access-control-allow-methods → GET (no DELETE or OPTIONS) access-control-allow-methods → GET (无删除或选项)
So, what should I do to see all methods allowed in the response header?那么,我应该怎么做才能看到响应 header 中允许的所有方法?
1 个解决方案
解决方案1
0 2022-04-15 14:50:54
You can use this instead in Configure您可以在 Configure 中使用它
app.UseCors(x => x
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials());
or you should use或者你应该使用
services.AddCors(options =>
{
options.AddDefaultPolicy(
builder =>
{
builder.AllowAnyOrigin()
.AllowAnyHeader()
.AllowAnyMethod();
});
});
then use it in Configure然后在配置中使用它
app.UseCors();
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.