stackoom
  简体   繁体   中英

Web API 2 - CORS only works over HTTPS (not HTTP)

 原文  2015-06-22 17:47:47       c#/ asp.net-web-api/ cors/ iis-8

Question

All,

I have a really simple Web API 2 project that I'm working on. For some reason I cannot get CORS to work properly unless I put it in the web.config file. I followed the instructions on the MSDN article and this ASP.NET article , but I must be missing something.

Global.asax.cs 

protected void Application_Start()
{
    WebApiConfig.Register(GlobalConfiguration.Configuration);
}

WebApiConfig.cs 

public static void Register(HttpConfiguration config)
{
    config.EnableCors(new EnableCorsAttribute("*","*","*"));

    config.MapHttpAttributeRoutes();
}

JavaScript 

    $.ajax({
        url: '//myapidomain.com/buildings'
    }).done(function (data) {
        var theList     = $('.buildings'),
            theListHTML = "",
            response    = JSON.parse(data);

        $.each(response.Buildings.Data, function () {
            theListHTML += '<li>' + this.Description + '</li>';
        });
        theList.html(theListHTML);
    });

I've looked at just about every single Stack Overflow (such as this one ) and MSDN forum post (like this one ), and from what I can tell, this should be working. The app is hosted on an IIS 8 server running 4.0.

Update

It appears to be something with the request itself (or rather IIS configuration). If I send the request over HTTP, then it fails (no access-control headers get sent back). However, if I request it over HTTPS, everything works fine.

Solution

Our hosting environment was intercepting the non-HTTPS requests and forcing them to HTTPS. When it does this it returns a 304 which jQuery's method doesn't know how to handle. The solution is either to just always make the request over HTTPS (preferred) OR to handle this situation yourself/find an alternative library/plugin that handles this scenario.

1 answers

solution1
 0 ACCPTED  2015-09-08 14:18:41

Solution

Our hosting environment was intercepting the non-HTTPS requests and forcing them to HTTPS. When it does this it returns a 304 which jQuery's method doesn't know how to handle. The solution is either to just always make the request over HTTPS (preferred) OR to handle this situation yourself/find an alternative library/plugin that handles this scenario.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Web API - How CORS works Convert OWIN Web API from http to https which http methods allowed in “*” when enabling CORS in web api HTTP over UDP adapter for Web API Request Rest API with Http failed with 401 but Https works Web API CORS implementation Enabling CORS in Web Api 2 Enable CORS in Web API 2 I want my web API work with both HTTP and HTTPS requests why my web api is working on https not http in C#
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM