ASP.Net MVC 应用程序在进行 Web API 调用时抛出 403 错误
[英]ASP.Net MVC application throws 403 error while making a Web API call
问题描述
I have this problem with an MVC application that has a class descended from ApiController :
我有一个 MVC 应用程序的问题,它有一个 class 来自ApiController的后代:
[Authorize]
public class WidgetController : ApiController
{
// POST: api/Widget/GetWidgets
[HttpPost]
[ActionName("GetWidgets")]
public List<WidgetItem> GetWidgets(WidgetQueryParams parms)
{
// ...
}
// ...
}
This is configured in WebApiConfig.cs:这是在 WebApiConfig.cs 中配置的:
public static class WebApiConfig
{
public static void Register(HttpConfiguration config)
{
config.Filters.Add(new ExceptionHandlingAttribute());
config.MapHttpAttributeRoutes();
config.Routes.MapHttpRoute(
name: "WidgetApi",
routeTemplate: "api/{controller}/{action}/{id}",
defaults: new {id = RouteParameter.Optional }
);
config.Routes.MapHttpRoute(
name: "DefaultApi",
routeTemplate: "api/{controller}/{id}",
defaults: new {id = RouteParameter.Optional }
);
}
}
The method is called from JavaScript built on top of AngularJS:该方法是从建立在 AngularJS 之上的 JavaScript 调用的:
function () {
'use strict';
angular.module('WidgetApp').factory('DataContext', ['$http', '$q', DataContext]);
function DataContext($http, $q) {
var service = {
// ...
WebAPIPostWithData: WebAPIPostWithData,
// ...
};
return service;
function WebApiPostWithData(Controller, Action, data) {
var url = "api/" + Controller + "/" + Action;
var deferred = $q.defer();
$http.post(url, data)
.success(function (httpResult) {
deferred.resuilve(httpResult);
}).error(response) {
deferred.reject(response);
throw "Exception: DataContext/WebAPIPostWithData - Error while calling the url '" + url + "'. Message: " + response.ExceptionMessage;
})
return deferred.promise;
}
}
})();
At run time, the JavaScript gets down into DataContext.WebAPIPostWithData() and calls $http.post() .在运行时,JavaScript 进入DataContext.WebAPIPostWithData()并调用$http.post() 。 When the call returns, I see the code stop at the breakpoint I put on the .error() function and the response is a 403 error.当调用返回时,我看到代码在我放在.error() function 上的断点处停止,响应是 403 错误。 As an experiment, I modified the code in the WidgetController so the GetWidgets() method was decorated as an [HttpGet] method instead of [HttpPost] and the program stopped at my breakpoint in that method.作为实验,我修改了WidgetController中的代码,因此GetWidgets()方法被修饰为[HttpGet]方法而不是[HttpPost]并且程序在该方法的断点处停止。
I'm at a complete loss at this point.在这一点上我完全不知所措。 Why does the call return a 403 error when it's called as an HTTP POST operation but works fine when called as an HTTP GET operation?为什么调用作为 HTTP POST 操作调用时返回 403 错误,但在作为 HTTP GET 操作调用时工作正常? Does anyone have any ideas on what might be wrong?有没有人对可能出什么问题有任何想法?
2 个解决方案
解决方案1
2 已采纳 2022-05-04 00:09:40
It could be a CORS pre-flight check error.可能是 CORS 飞行前检查错误。 GET request don't have these restrictions, however POST requests do. GET请求没有这些限制,但是POST请求有。 With pre-flight check errors, it usually says that.对于飞行前检查错误,它通常会这样说。 Can you check if it works in Postman?你能检查一下它在 Postman 中是否有效吗? If it works in Postman, but doesn't in your app, then that's another indication that it's a pre-flight check issue.如果它在 Postman 中有效,但在您的应用中无效,则表明这是飞行前检查问题。
You may find the below answer useful as well: Response for preflight 403 forbidden您可能会发现以下答案也很有用: Response for preflight 403 forbidden
解决方案2
0 2022-05-03 21:51:07
Perhaps you have permission to read from the API but not write to it?也许您有权从 API 读取但不能写入?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.