[英]Asp.Net Core CORS and SSL
我的情況是我的前端是用 reactjs 構建的,而我的后端是用 asp.net 核心 2.2 構建的
-前端: https://example.com/sub-directory
-具有有效證書
-后端: https://198.38.xx:5001
-windows 服務器沒有有效證書
如果我的前端需要 SSL 我總是遇到網絡錯誤,我該如何與后端通信?
啟動.cs
services.AddCors(options =>
{
options.AddPolicy(MyAllowSpecificOrigins,
builder =>
{
builder
.WithOrigins("https://example.gov.ph", "http://example.gov.ph")
.AllowCredentials()
.AllowAnyHeader()
.AllowAnyMethod();
});
});
app.UseCors(MyAllowSpecificOrigins);
config.json 我的前端代碼
{
"apiUrl": "https://198.38.x.x:5001/api",
"url": "https://198.38.x.x:5001",
"profilePictureUrl": "https://198.38.x.x:5001/Public/Employees/Photos",
"selectOptionLimit": 10,
"fileSizeLimit": 10,
"pageSize": 20,
"gridSize": { "col": 4, "row": 3 }
}
當瀏覽器使用 XHR 進行跨域調用時,它們會請求 CORS 標頭來決定目標服務器是否允許訪問源域。
public void ConfigureServices(IServiceCollection services)
{
// ...
services.AddCors(options =>
{
options.AddPolicy("CorsPolicy",
builder => builder.WithOrigins("https://example.com/sub-directory")
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials());
});
services.AddMvc();
// ...
}
public void Configure(IApplicationBuilder app)
{
// ...
app.UseCors("CorsPolicy");
// ...
}
您應該可以在Startup
class 配置中添加它
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
readonly string MyAllowSpecificOrigins = "_myAllowSpecificOrigins";
public IConfiguration Configuration { get; }
public void ConfigureServices(IServiceCollection services)
{
services.AddCors(options =>
{
options.AddPolicy(MyAllowSpecificOrigins,
builder =>
{
builder.WithOrigins("https://example.com/sub-directory");
});
});
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
}
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseHsts();
}
app.UseCors(MyAllowSpecificOrigins);
app.UseHttpsRedirection();
app.UseMvc();
}
}
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.