[英]IIS website works with localhost, but not using an IP address
I have an Angular frontend with a .NET framework backend, which has the following web.config
file (nothing else about authorization/authentication):我有一个 Angular 前端和一个 .NET 框架后端,它有以下web.config
文件(没有关于授权/认证的其他内容):
<location path="Tokens">
<system.webServer>
<security>
<authentication>
<windowsAuthentication enabled="true" />
<anonymousAuthentication enabled="false" />
</authentication>
</security>
</system.webServer>
</location>
<system.webServer>
<security>
<authentication>
<windowsAuthentication enabled="false" />
<anonymousAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
I am using AD login, which is the Tokens
controller, the rest is secured by JWT tokens.我正在使用 AD 登录,这是令牌Tokens
由 JWT 令牌保护。
My current problem is, I wish to test the website with other computers in the domain using IIS and the website works if I use localhost
, but as soon as I use my IP, errors start appearing.我目前的问题是,我希望使用 IIS 与域中的其他计算机一起测试该网站,如果我使用localhost
,该网站可以正常工作,但是一旦我使用我的 IP,错误就会开始出现。
My frontend configuration JSON:我的前端配置 JSON:
{
...
"apiAddress": "https://IP:50505/",
...
}
And the backend web.config
also contains this:后端web.config
也包含这个:
<add key="WhitelistedServerUrls" value="https://IP:34622" />
So if the IP in the config files is localhost
, then everything works as it should, but if I exchange that for my actual IP, then I get CORS errors as shown in the image below:因此,如果配置文件中的 IP 是localhost
,那么一切正常,但如果我将其交换为实际的 IP,则会出现 CORS 错误,如下图所示:
None of these errors appear if I use localhost.如果我使用本地主机,这些错误都不会出现。 Below is the list of the things I've tried:以下是我尝试过的事情的列表:
HTTP Response Headers
feature in IIS CORS 应该在代码中正确设置,但为了确保,我还在 IIS 的HTTP Response Headers
功能中配置了它
https://IP
to local intr.net in settings我还在设置中将网站https://IP
添加到本地 intr.net
My guess is that my IIS is not configured correctly, as the website works if I use localhost
instead of an IP address.我的猜测是我的 IIS 配置不正确,因为如果我使用localhost
而不是 IP 地址,网站就可以正常工作。
You enabled Windows authentication, so that when CORS preflight request (anonymous OPTION request) sent by the browser arrives on IIS, 401 is returned by IIS and triggers the errors you see.您启用了 Windows 身份验证,因此当浏览器发送的 CORS 预检请求(匿名 OPTION 请求)到达 IIS 时,IIS 返回 401 并触发您看到的错误。
You will have to use IIS CORS module to properly process such preflight requests,您将不得不使用 IIS CORS 模块来正确处理此类预检请求,
https://blogs.iis.net/iisteam/getting-started-with-the-iis-cors-module https://blogs.iis.net/iisteam/getting-started-with-the-iis-cors-module
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.