asp.net-web-api – WebApi DelegatingHandler未调用preflight CORS请
发布时间:2020-05-22 16:09:10 所属栏目:asp.Net 来源:互联网
导读:我正在尝试为我的WebApi控制器实现CORS支持,我正在关注示例 here. 我的处理程序如下所示: /// summary/// Taken from http://blogs.msdn.com/b/carlosfigueira/archive/2012/02/20/implementing-cors-support-in-asp-net-web-apis.aspx/// /summ
|
我正在尝试为我的WebApi控制器实现CORS支持,我正在关注示例 here. 我的处理程序如下所示: /// <summary>
/// Taken from http://blogs.msdn.com/b/carlosfigueira/archive/2012/02/20/implementing-cors-support-in-asp-net-web-apis.aspx
/// </summary>
public class CorsHandler : DelegatingHandler
{
private const string Origin = "Origin";
private const string AccessControlRequestMethod = "Access-Control-Request-Method";
private const string AccessControlRequestHeaders = "Access-Control-Request-Headers";
private const string AccessControlAllowOrigin = "Access-Control-Allow-Origin";
private const string AccessControlAllowMethods = "Access-Control-Allow-Methods";
private const string AccessControlAllowHeaders = "Access-Control-Allow-Headers";
private const string AccessControlAllowCredentials = "Access-Control-Allow-Credentials";
protected override async Task<HttpResponseMessage> SendAsync(HttpRequestMessage request,CancellationToken cancellationToken)
{
var isCorsRequest = request.Headers.Contains(Origin);
var isPreflightRequest = request.Method == HttpMethod.Options;
if (isCorsRequest)
{
if (isPreflightRequest)
{
var response = new HttpResponseMessage(HttpStatusCode.OK);
response.Headers.Add(AccessControlAllowOrigin,request.Headers.GetValues(Origin).First());
var accessControlRequestMethod = request.Headers.GetValues(AccessControlRequestMethod).FirstOrDefault();
if (accessControlRequestMethod != null)
{
response.Headers.Add(AccessControlAllowMethods,accessControlRequestMethod);
}
var requestedHeaders = string.Join(",",request.Headers.GetValues(AccessControlRequestHeaders));
if (!string.IsNullOrEmpty(requestedHeaders))
{
response.Headers.Add(AccessControlAllowHeaders,requestedHeaders);
}
response.Headers.Add(AccessControlAllowCredentials,"true");
var tcs = new TaskCompletionSource<HttpResponseMessage>();
tcs.SetResult(response);
return response;
}
var resp = await base.SendAsync(request,cancellationToken);
resp.Headers.Add(AccessControlAllowOrigin,request.Headers.GetValues(Origin).First());
resp.Headers.Add(AccessControlAllowHeaders,"*");
resp.Headers.Add(AccessControlAllowCredentials,"true");
return resp;
}
return await base.SendAsync(request,cancellationToken);
}
}
在我的WebApiConfig类中,我正在注册该处理程序,如下所示: config.MessageHandlers.Add(new CorsHandler()); 并且它被称为“GET”请求.但是没有要求任何需要预检批准的请求.请求如下所示: Request OPTIONS /api/campaigns/1002/customerusers/1008 HTTP/1.1 Accept */* Origin http://app.dev.alanta.com Access-Control-Request-Method DELETE Access-Control-Request-Headers accept Accept-Encoding gzip,deflate User-Agent Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0) Host dev.payboard.com Content-Length 0 DNT 1 Connection Keep-Alive Cache-Control no-cache 但正如我所说,处理程序永远不会被调用OPTIONS动词. 我认为可能有其他处理程序在某处干扰了这个,但我删除了所有可能的候选人,到目前为止没有运气. 我的另一个理论是,它没有认识到OPTIONS动词的特定路由,因此它永远不会将请求移交给WebApi子系统,而是在其他地方处理它.但我还不完全清楚如何解决这个问题. 建议? 解决方法添加到web.config以下内容:<handlers>
<remove name="OPTIONSVerbHandler" />
</handlers> (编辑:安卓应用网) 【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容! |
相关内容
- asp.net – 使用itemtemplate动态地将列添加到Grid-view
- asp.net-mvc-3 – URL.Action在构造URL时包含id
- 取消ASP.NET中的默认提交按钮
- asp.net – 优雅地停止fastcgi-mono-server,网站内容更新,无
- ASP.Net自定义客户端验证
- asp.net-web-api – ASP.NET Core中的IHttpActionResult和帮
- asp.net – IIS自定义错误未显示自定义错误页面
- asp.net-mvc – ASP.NET MVC视图模型命名约定
- asp.net-mvc – 部署后不显示捆绑的css … ASP.NET MVC4
- asp.net – 如何禁用提交行为的asp:ImageButton?
推荐文章
站长推荐
- ASP.NET从内存而不是从文件中流内容
- 如何强制我的ASP.net 2.0应用程序重新编译
- IIS7 – 一次只能提供一页.这是一个让我crazy!
- 在ASP.NET MVC中动态地从数据库生成CSS文件
- asp.net-mvc – 不要在ASP .NET MVC 4 BundleCon
- asp.net-mvc-3 – 在MVC3中使用Page.User.Identi
- 为什么在ASP.NET Web API中从请求中删除内容范围
- 使用asp.net中的Enterprise Library实现日志文件
- asp.net – 如何将两个模型传递给一个View
- asp.net – 我可以同时拥有Controller和ApiContr
热点阅读