How to enable CORS for asp.net mvc web site?
Question
I want to enable CORS for an action in my asp.net mvc 4 web site. This is possible for web api http://www.asp.net/web-api/overview/security/enabling-cross-origin-requests-in-web-api Is there a similar solution for mvc web site? I also want to be able to restrict this for origin web sites I want. Thanks
1 answers
solution1
1 2014-07-27 17:12:15
i think you need to create your Custom authorization Like this:
/// <summary>
/// Referrer Url Custom Authorize
/// </summary>
[AttributeUsage(AttributeTargets.Class)]
public class ReferrerUrlAuthorize : AuthorizeAttribute
{
protected override bool IsAuthorized(System.Web.Http.Controllers.HttpActionContext actionContext)
{
IList<string> webSitesAllowed = new List<string>() { "http://mywebsite.com", "http://customersite.com" };
string urlReferrer = System.Web.HttpContext.Current.Request.UrlReferrer.AbsoluteUri;
//checking if the referrer url exists in your list of sites allowed
if (!webSitesAllowed.Contains(urlReferrer))
return false; //access denied
return true;
}
}
and in your controller class must be set the ReferrerUrlAuthorize
[ReferrerUrlAuthorize]
public class HomeController : Controller
{
public ActionResult Index()
{
ViewBag.Title = "Home Page";
return View();
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
How to enable CORS globally in ASP.NET web API core
How to 'Enable CORS' in asp.net web form application?
How to know the Web Site version in ASP.net MVC
Enable CORS on Specific URL in ASP.NET Web Forms
Can't enable CORS in ASP.Net Core web api
Mixing asp.net web site with asp.net MVC
How to add asp.net mvc style context menu item for asp.net web site?
How to enable CORS in asp.net Self-Hosted API?
How can I make an ASP.NET MVC site as unit testable as an ASP.NET Web Forms site?
asp.net mvc 2 web application inside a Web site?
Related Tags