问题
I have a Web API 2 application with CORS authentication enabled. Locally I'm running two sites, a SPA site and the web API, both on port 80, using different host headers. Everything works fine. However, I'm trying to test on a machine that has no domain, so I have to use IP addresses with different ports for the two sites. No matter what I do, the web API gives the good old "No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://xxx.xxx.xxx.xxx:8090' is therefore not allowed access". I have my CORS configured as follows:
var cors = new EnableCorsAttribute(
origins: "*",
headers: "*",
methods: "*");
config.EnableCors(cors);
Is it only possible to run web API 2 CORS when the API is on a real domain, not on an IP address? That seems like an extreme limitation.
Not sure if it matters or not, but locally I'm running IIS 7.5, but my test machine is IIS 7.
Any help would be greatly appreciated.
回答1:
Turns out it is IIS specific. As soon as I put my API on a machine running IIS 7.5, it worked perfectly. Cheers.
回答2:
If you try my comment without sucess, add the following to Web.config file (inside <system.webServer> tag):
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
</customHeaders>
</httpProtocol>
Hope this helps!
来源:https://stackoverflow.com/questions/32878706/web-api-2-cors-wont-allow-ip-addresses-as-origins