[英]asp.net core 2.1 cross orgin policy. Only single url working when added as CORS
我試圖添加多個RUL,應該將其列入CORS的白名單。
問題僅在於單個url工作。 我的代碼如下
public class StartupShutdownHandler
{
private static readonly log4net.ILog Logger = log4net.LogManager.GetLogger(System.Reflection.MethodBase.GetCurrentMethod().DeclaringType);
private const string MyAllowSpecificOrigins = "_myAllowSpecificOrigins";
public StartupShutdownHandler(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
services.AddMvc(options => { options.RespectBrowserAcceptHeader = true; }).AddXmlSerializerFormatters().AddXmlDataContractSerializerFormatters();
CorsRelatedPolicyAddition(services);
}
private void CorsRelatedPolicyAddition(IServiceCollection services)
{
/* var lstofCors = ConfigurationHandler.GetSection<List<string>>(StringConstants.AppSettingsKeys.CORSWhitelistedURL);
*/
var lstofCors = new List<string> {"url1", "url2"}
if (lstofCors != null && lstofCors.Count > 0 && lstofCors.Any(h => !string.IsNullOrWhiteSpace(h)))
{
services.AddCors(options =>
{
//https://stackoverflow.com/questions/43985620/asp-net-core-use-multiple-cors-policies
foreach (var entry in lstofCors.FindAll(h => !string.IsNullOrWhiteSpace(h)))
{
options.AddPolicy(MyAllowSpecificOrigins, builder => { builder.WithOrigins(entry); });
}
});
}
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, IApplicationLifetime applicationLifetime)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseCors(MyAllowSpecificOrigins);
// CheckAndEnableDetailLogs(app);
app.UseMvc();
}
}
您將覆蓋陣列中每個條目的選項。
只需將條目添加為字符串數組即可。
var lstofCors = new string[] {"url1", "url2"};
services.AddCors(options =>
{
options.AddPolicy(MyAllowSpecificOrigins, builder => { builder.WithOrigins(lstofCors.ToArray()).AllowAnyMethod(); });
});
}
編輯:我添加了AllowAnyMethod(),就像只有get方法正在工作
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.